Educause Security Discussion mailing list archives
Re: Data Loss Prevention (DLP)
From: Eric Lukens <eric.lukens () UNI EDU>
Date: Wed, 15 Feb 2017 08:59:44 -0600
Many students also provide their sensitive data via email when applying for jobs, typically small to mid-size places. While employers shouldn't do that, it happens all the time. -Eric On Tue, Feb 14, 2017 at 6:05 PM, James Valente <jvalente () salemstate edu> wrote:
We're running Identity Finder (now Spirion Sensitive Data Manager, but we haven't updated yet) on a few endpoints and it has helped to purge any sensitive docs students have left on public workstations. We had also previously enabled DLP on our Barracuda's outbound queue. That worked immensely well for catching data with SSNs and CC numbers that should not have been going out. However, because student email was flowing through the Barracuda, we had to disable it temporarily because it was flagging, and quarantining, every email where a student or employee was emailing their own tax information. While this isn't a recommended or safe practice, our concern is primarily employees emailing data belonging to the University, students, or employees (other than the sender). --James ------------------------------ *From:* The EDUCAUSE Security Constituent Group Listserv [ SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Jeff Borton [ jborton () SCHOOLCRAFT EDU] *Sent:* Monday, February 13, 2017 16:02 *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* [SECURITY] Data Loss Prevention (DLP) Just wondering if there is anyone using Data Loss Prevention technology as part of their security arsenal. If so what product are you using? Has the product actually prevented any exfiltration. *Jeff Borton* *Executive Director of Information Security & Networking* *jborton () schoolcraft edu <jborton () schoolcraft edu>* *734.462.4446* [image: cid:image002.png@01CF177E.5A2F4840] <http://www.schoolcraft.edu/maps/livonia.asp> CONFIDENTIALITY NOTICE: This message and any included attachments are from Schoolcraft College and are intended only for the addressee. The information contained in this message is confidential and any unauthorized forwarding, printing, copying, distribution, or use of such information is strictly prohibited and may be unlawful.
-- ============================================================ Eric C. Lukens IT Security Compliance & Policy Analyst Information Security Innov Teaching & Tech Ctr 117D University of Northern Iowa Cedar Falls, IA 50614-0301 (319) 273-7434 http://www.uni.edu/elukens/ ============================================================
Current thread:
- Data Loss Prevention (DLP) Jeff Borton (Feb 13)
- Re: Data Loss Prevention (DLP) McCrary, Barbara (Feb 13)
- Re: Data Loss Prevention (DLP) James Valente (Feb 14)
- Re: Data Loss Prevention (DLP) Eric Lukens (Feb 15)
- Re: Data Loss Prevention (DLP) Frank Barton (Feb 15)
- Re: Data Loss Prevention (DLP) James Valente (Feb 15)
- Re: Data Loss Prevention (DLP) Jeff Borton (Feb 15)
- Re: Data Loss Prevention (DLP) Eric Lukens (Feb 15)
- Re: Data Loss Prevention (DLP) Jeff Borton (Feb 21)