Data Loss Prevention (DLP)
When DLP scanning is implemented, files are scanned for sensitive data automatically and transparently, before they are viewed or downloaded from the portal by an external user.
Note: Each file is scanned once, on the first attempt to view it or download it by an external user. Subsequent download attempts are allowed or blocked, based on this first scan result.
If an attempt is made to download a file containing sensitive data, the global and portal administrators receive an email notification that access to a sensitive file was blocked, which includes the following information:
The file name and path.The file ownerThe IP address of the user attempting to access the sensitive file.Details of the sensitive file is written to a list of sensitive files. Virtual portal administrators can view this list of sensitive files identified by the DLP servers, to determine if any action is necessary.
Note: If there are multiple files that are identical except for their names, after scanning one file that an external user attempts to view or download, the results of that scan are applied to all the other identical files, without scanning them.
To manage sensitive files:
1 In the administration view for the portal, select Settings > Data Loss Prevention in the navigation pane.
The DATA LOSS PREVENTION page is displayed.
If no sensitive files were scanned, the sensitive block is displayed as follows:
2 Click on a link in the SENSITIVE FILES column to display details of the sensitive files.
The sensitive files in the folder are displayed as well as the owner of the folder.
You can remove all the files from the list by clicking Rescan All Later in the DATA LOSS PREVENTION page or Sensitive Files window or select a sensitive file from the list in the Sensitive Files window and click Rescan Later to remove that file from the list. These files will be rescanned and access blocked the next time an external user attempts to view or download them, as long as DLP scanning is defined.