Data Loss Prevention Forum

Managing Director I Cyber Security Evangelist I Cyber Security Consultant I CISO As A Service at a tech services company with 1-10 employees
May 22 2021

I would like feedback of people's experiences with tools for Data Loss Prevention for Microsoft 365.  

Mahesh DalaviPros - In-built in win10, no extra agent required. - less amount of system memory utilized. - less amount of slowness issue in the application. Especially Excel. -Fast detection and classification. -continuous improvement in the solution. Cons - No endpoint discovery - Lack of IDM policies - time-consuming as it takes a long time to apply policies and show incidents on could console  - less visibility into incident forensic.  - Non-friendly with SIEM.
Suriyanarayanan G
Consultant at Scybers
Apr 26 2021

Hi,

I'm looking for a DLP solution. Can you please recommend your top 5 DLP solutions for endpoint and network?

Edwin EzeOsiago1. Forcepoint DLP 2. Symantec DLP 3. Mcafee DLP 4. Digital Guardian DLP 5. Netskope DLP
Velmurugan Arumugam
Head-Enterprise Management Systems at IBM
Mar 23 2021

Does anyone have use cases available for DLP for Web Upload?

Thanks!

Andrei BigdanMost DLP solutions provide monitoring for Web Upload. It can be done in two ways: agent-based module can control what is going to be uploaded and/or network module that is usually connected to the proxy server via iCAP does the same 
Steven Palange
Information Technology Infrastructure Specialist at TLIC

Hi, I'm a consultant looking for a Mac based endpoint antivirus that includes DLP. 

Anyone have any ideas aside from https://www.endpointprotector.com/ who just raised their pricing by over 100%.



Andrei BigdanAntivirus and DLP are separate products even for vendors that provide both. Of course you need to understand what DLP features comply you best. There are three common approaches: 1) DLP by content. Classical DLP Suites utilize fingerprinting (Forcepoint, McAfee, GTB, Symantec, etc.). Doing content detection by only keywords and regular expressions it's a way to mess of false-positives (Trend Micro, Palo alto etc.)  2) DLP by context. Digital Guardian is the only true endpoint DLP within this approach. 3) DLP on/off. The most stupid way is to block or pass everything by rule ON or OFF (without checking content or context). I even can't name this solutions as DLP. For your case GTB DLP or Digital Guardian is an answer. Of course if you forget to insist to contain antivirus. Digital Guardian works as endpoint security too because it prevents access from ransomware to confidential data and could check signatures via Virus Total, but it is still not antivirus, it's rather EDR (endpoint detection and response) that is much efficient than any traditional antivirus.
Mahesh Chenchalapuyou cant get DIP and antivirus in a single app, DIP and ANTIVIRUS both are different applications, you have to purchase separately.