Re: Data Loss Prevention (DLP)

[James Valente <jvalente () SALEMSTATE EDU>]

We're running Identity Finder (now Spirion Sensitive Data Manager, but we haven't updated yet) on a few endpoints and 
it has helped to purge any sensitive docs students have left on public workstations.

We had also previously enabled DLP on our Barracuda's outbound queue. That worked immensely well for catching data with 
SSNs and CC numbers that should not have been going out.  However, because student email was flowing through the 
Barracuda, we had to disable it temporarily because it was flagging, and quarantining, every email where a student or 
employee was emailing their own tax information.  While this isn't a recommended or safe practice, our concern is 
primarily employees emailing data belonging to the University, students, or employees (other than the sender).


--James
________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Jeff Borton 
[jborton () SCHOOLCRAFT EDU]
Sent: Monday, February 13, 2017 16:02
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Data Loss Prevention (DLP)

Just wondering if there is anyone using Data Loss Prevention technology as part of their security arsenal.

If so what product are you using?  Has the product actually prevented any exfiltration.

Jeff Borton
Executive Director of Information Security & Networking
jborton () schoolcraft edu<mailto:jborton () schoolcraft edu>
734.462.4446

[cid:image002.png@01CF177E.5A2F4840]<http://www.schoolcraft.edu/maps/livonia.asp>

CONFIDENTIALITY NOTICE: This message and any included attachments are from Schoolcraft College and are intended only 
for the addressee. The information contained in this message is confidential and any unauthorized forwarding, printing, 
copying, distribution, or use of such information is strictly prohibited and may be unlawful.