Users are connecting their endpoint machines to a wireless hard drive and transferring confidential data between them. They are doing both, mounting the wireless hard drive as a network share or using an HTTP URL to upload and download file or to stream video, audio and pictures.
You want to block this activity or monitor it using Symantec Data Loss Prevention (DLP) Endpoint Agent.
Windows 7, Windows 8 and Windows 10
Mac OS X
DLP 14.0 and higher
Below mentioned steps can be followed to block or monitor this activity:
Log into the Enforce console > System > Agents > Agent Configuration > Agent Monitoring
Enable “Copy to Share” channel. Click Save to save the changes
Create a new policy by following below mentioned steps:
Enforce > Manage > Policies > Policy List > Add Policy > Add a blank policy
Type the name of the policy
Select the policy group to which you would like to assign this policy
Click “Add Rule” > select Protocol or Endpoint Monitoring > click Next > Type the name of the Rule
Select the severity as per your requirement
Select HTTP and HTTPs from Protocol
Select “Copy to Network Share” from Endpoint Destination
Click on the drop down arrow next to “Also match” and select “Endpoint Location” and click Add
Select Location as “Off the Corporate Network” and click Ok
Click Save to save the policy
Log into the Enforce console > System > Agents > Application Monitoring
Click on Microsoft Internet Explorer > select Application File Access
Select Read option and save the changes
Repeat same process for Mozilla Firefox and Google Chrome
Subscribing will provide email updates when this Article is updated. Login is required.