Whatsapp monitoring with Data Loss Prevention Application Monitoring
Last Updated January 22, 2018
The application Whatsapp encrypts all data passed through it thereby making it difficult for DLP to monitor the application and information passed into it. When the application is run on the desktop, it allows files to be dropped into it and transfers them via the web, allowing potential bypassing of other DLP monitoring.
While Whatsapp is normally run as a mobile app, it can also be downloaded and run on the desktop (where it is linked to a mobile app). If it is run on the desktop, it can be monitored similar to any web browser.
Whatsapp can be monitored for Copy/paste events.
1. Add a new application by going to System > Agents > Application Monitoring using the following information:
Binary Name: Whatsapp\.exe
Internal Name: <leave blank>
Original Filename: whatsapp\.exe
Publisher Name: <leave blank>
Application Type: Cloud Storage
Application Monitoring Configuration:
2. That configuration, and a valid policy in place, allows DLP to monitor the application for Paste events.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe