Re: Cloudlock for DLP

[Hiram Wong <hiram.wong () DOMAIL MARICOPA EDU>]

Hey Mahmud,

Thanks for the information.  For further clarification, would this include
images of passports, driver's licenses (jpegs,gifs, etc) or just the
numbers attached in files?  Thanks!

Hiram

On Wed, Jun 27, 2018 at 3:16 PM, Mahmud Rahman <mrahman () mills edu> wrote:

> We've been trying out Google's DLP in monitoring mode over the last few
> weeks, testing with mail and drive for a small set of staff. We got a fair
> number of false positives with credit card numbers and drivers licenses,
> more accurate results with SSN.
>
> -Mahmud
>
> Mahmud Rahman MFA '04
> Director of Systems and Banner Services, ITS
> Mills College, Oakland CA
> (510)430-2257
> mrahman () mills edu
>
> On Wed, Jun 27, 2018 at 2:58 PM, Hiram Wong <hiram.wong@domail.maricopa.
> edu> wrote:
>
> > Hello All,
> >
> > On the same thread but with a twist!
> >
> > We saw a new icon on the Google Admin console top menu this morning...
> > looks like you can set up filters that search for PII based on patterns and
> > mask, and other Data Loss Prevention protections now, maybe for both email
> > and Drive.
> >
> >
> > Has anyone taken it out for a test drive yet?
> >
> > Thanks!
> >
> > Hiram
> >
> >
> > On Wed, Jun 27, 2018 at 2:31 PM, Gael Frouin <gfrouin () berklee edu> wrote:
> >
> > > Hello,
> > >
> > > We use CloudLock with Google Drive and OneLogin for various purposes:
> > >
> > >    - Suspicious logins
> > >    - Broad sharing of sensitive information (contact or address
> > >    details, SSN, credit card numbers, etc.) on Google drive with automated
> > >    responses and notifications to the users.
> > >    - App "filtering" (which is basically removing Oauth authorization
> > >    tokens after the fact on users' accounts for non-authorized services).
> > >
> > > Most rules defined are custom at the moment even though I used to use
> > > some of their default ruleset.
> > > Just PM me if you want more details, I'm happy to discuss.
> > > Gaël
> > >
> > > On Wed, Jun 27, 2018 at 4:03 PM, WALTER KERNER <walter_kerner () fitnyc edu
> > > > wrote:
> > >
> > > > Hi Ernest.  We use CloudLock and are happy with it.  We use it to look
> > > > for FERPA-related data that is shared broadly as opposed to shared only
> > > > with individuals.  CloudLock did a great job tightening the FERPA-data
> > > > alert to minimize false positives.
> > > >
> > > >
> > > >
> > > > When CloudLock discovers potential FERPA data that is broadly shared it
> > > > notifies me and the user and asks them to fix their permissions.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Walter Kerner
> > > >
> > > > AVP and CISO
> > > >
> > > > [image: blue]
> > > >
> > > > 333 7th Avenue, 13th Floor
> > > > <https://maps.google.com/?q=333+7th+Avenue,+13th+Floor+New+York,+NY+10001&entry=gmail&source=g>
> > > >
> > > > New York, NY 10001
> > > > <https://maps.google.com/?q=333+7th+Avenue,+13th+Floor+New+York,+NY+10001&entry=gmail&source=g>
> > > >
> > > > Voice: 212-217-3415
> > > >
> > > >
> > > >
> > > > *From:* The EDUCAUSE Security Constituent Group Listserv [mailto:
> > > > SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Ernest Richards
> > > > *Sent:* Wednesday, June 27, 2018 3:36 PM
> > > > *To:* SECURITY () LISTSERV EDUCAUSE EDU
> > > > *Subject:* [SECURITY] Cloudlock for DLP
> > > >
> > > >
> > > >
> > > > Security listserv members,
> > > >
> > > >
> > > >
> > > > We are looking to implement Cloudlock for DLP in our university,
> > > > specifically with Box, and I have a few questions:
> > > >
> > > >    - Has anyone been successful using Cloudlock with Box?
> > > >    - Does anyone currently use Cloudlock’s automated responses for any
> > > >    platform?
> > > >    - Do you have any other experiences with Cloudlock that you’d be
> > > >    willing to share?
> > > >
> > > >
> > > >
> > > > Please feel free to send me a message personally with any information
> > > > you can provide. I sincerely appreciate any advice or insight you can
> > > > provide.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Thank you,
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Ernest Richards
> > > >
> > > > Network Security Analyst
> > > >
> > > > ITS – Infrastructure Services
> > > >
> > > > California State University, Bakersfield
> > > >
> > > > https://www.csub.edu/its
> > > > <https://urldefense.proofpoint.com/v2/url?u=https-3A__na01.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Fwww.csub.edu-252Fits-26data-3D02-257C01-257Ccdan-2540microsoft.com-257Cf2cd2f1018e140bcf33108d4ea727e4c-257C72f988bf86f141af91ab2d7cd011db47-257C1-257C0-257C636391224895209304-26sdata-3D-252FPCTO4xjXHRwKJhJSea6amGEanVkPh6-252FXJsnIc6uICk-253D-26reserved-3D0&d=DwMFAg&c=8Ipd-S27WuaKn7LZs55QTnbDbMQSs_VN5Yh9G3ue5PM&r=keBDy0Wzm68-xt93anNQd2hXOXqSx4B55-yGpNE9AeE&m=lH8TXNFJnrR6GzosyMpopR5ePXyVUoLFnFa_BRicWbk&s=Ah5e7mH0RpHk7buDpMVT9NhdWQtrSPnpg1RC-3Jafqc&e=>
> > > >
> > > > https://twitter.com/itscsub
> > > > <https://urldefense.proofpoint.com/v2/url?u=https-3A__na01.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Ftwitter.com-252Fitscsub-26data-3D02-257C01-257Ccdan-2540microsoft.com-257Cf2cd2f1018e140bcf33108d4ea727e4c-257C72f988bf86f141af91ab2d7cd011db47-257C1-257C0-257C636391224895209304-26sdata-3DW8H2XI759mA7wN4OhLF7yaPJ4-252F9j8tLsBJbrZZh3qiI-253D-26reserved-3D0&d=DwMFAg&c=8Ipd-S27WuaKn7LZs55QTnbDbMQSs_VN5Yh9G3ue5PM&r=keBDy0Wzm68-xt93anNQd2hXOXqSx4B55-yGpNE9AeE&m=lH8TXNFJnrR6GzosyMpopR5ePXyVUoLFnFa_BRicWbk&s=Nmbj9PlQtc9gLtepxeAWmr6VXA0g35_oPytprQ6hMZY&e=>
> > > >
> > > >
> > > > 661-654-3432
> > > >
> > > > erichards1 () csub edu
> >
> >
> > --
> > [image: eSig Logo]
> > Hiram Wong, CISA
> > Information Security
> > 2411 West 14th Street, Tempe AZ 85281
> > <https://maps.google.com/?q=2411+West+14th+Street,+Tempe+AZ+85281&entry=gmail&source=g>
> > phone | 480-784-0519
> > email | @domail.maricopa.edu
> > website | https://www.maricopa.edu
> > [image: eSig facebook] <https://www.facebook.com/maricopa.edu>[image:
> > eSig twitter] <https://twitter.com/mcccd>[image: eSig linkedin]
> > <https://www.linkedin.com/company/maricopa-community-colleges>[image:
> > eSig youtube] <https://www.youtube.com/user/themcccdEDU>[image: eSig
> > instagram] <https://instagram.com/maricopacc/>
> >
> >
> > [image: facebook] <http://www.facebook.com/maricopa.edu>


-- 
[image: eSig Logo]
Hiram Wong, CISA
Information Security
2411 West 14th Street, Tempe AZ 85281
phone | 480-784-0519
email | @domail.maricopa.edu
website | https://www.maricopa.edu
[image: eSig facebook] <https://www.facebook.com/maricopa.edu>[image: eSig
twitter] <https://twitter.com/mcccd>[image: eSig linkedin]
<https://www.linkedin.com/company/maricopa-community-colleges>[image: eSig
youtube] <https://www.youtube.com/user/themcccdEDU>[image: eSig instagram]
<https://instagram.com/maricopacc/>


[image: facebook] <http://www.facebook.com/maricopa.edu>