Sophos Endpoint Security & Data Protection Dokumentacja Pobierz pdf (Strona 17)

2 SINGLE, CENTRAL AUTOMATED CONSOLE REVIEWER’S GUIDE

There are two types of data control rule:

• ﬁle matching rule: speciﬁes the action that is taken if the user attempts

to transfer a ﬁle with the speciﬁed ﬁle name or of the speciﬁed ﬁle type

(true ﬁle type category, e.g. a spreadsheet) to the speciﬁed destination, for

example, block the transfer of databases to removable storage devices

• content rule: contains one or more data deﬁnitions and speciﬁes the action

that is taken if the user attempts to transfer data that matches all the

deﬁnitions in the rule to the speciﬁed destination.

To simplify policy creation, SophosLabs maintain a library of extensive library of

global sensitive data deﬁnitions (Content Control Lists) which covers personally

identiﬁable information (PII) such as credit card numbers, social security

numbers, postal addresses, or email addresses.

These deﬁnitions use a wide range of techniques to ensure accurate detection.

They are continually reﬁned by SophosLabs and new deﬁnitions will be added

as part of the monthly endpoint data updates.

You can create your own lists speciﬁc to your organization such as customer

reference numbers or speciﬁc conﬁdential document markers.

Figure 11: Data control – Content Control Lists

Figure 10: Data control – preconﬁgured policy rules

1 2 ... 12 13 14 15 16 17 18 19 20 21 22 ... 40 41

Brak uwag

Sophos Endpoint Security & Data Protection Dokumentacja Strona 17