Content-Aware Data Leak Prevention (DLP), network and Local Printers are Points of Vulnerability
In securing the network against data leaks, data loss, potential data breach, printers must be considered a point of risk and vulnerability. Printed confidential and sensitive information, if not managed properly, can be transferred to unauthorized personnel within the organization, or even leaked out of the organization.
Data leakage and Data Loss through printers can have catastrophic results, exposing the organization to security, commercial, legal and even criminal risks.
Sentinel's content aware print management system is successfully dealing with both Data Leak and Data Loss problems, sensitive documents are never sent to the wrong printer or left unattended.
Content-Aware Filters Prevent Leaks
In the interests of Data Leak Prevention certain classified or sensitive documents may not be permitted to be printed at all, or printed only under strict controls. While a user may be authorized to print on a printer, restrictions should be put in place to prevent printing documents that contain sensitive information. This is accomplished using content-aware filters that are triggered when keywords, keyword templates or combinations of keywords are identified in the data stream directed to the printer. Sentinel is DLP-capable and identifies sensitive information in the printer data stream before it reaches the physical printer, reacting in real time according to the organization’s policies to protect sensitive material.
Real-time Triggered Responses Reflect Organizational Policy
The Sentinel Data Leak Prevention filter triggers one or more selectable responses that are configured by the system administrator to implement organizational policy. These triggered responses include:
- Prevent the document from being printed
- Route the document to a different (secured) printer
- Send a text message notification to a designated administrator
- Send an email notification to a designated administrator or user
Intuitive Yet Powerful Scripting Language Puts Customer in Charge
The Sentinel Data Leak Prevention software module is configured and customized by the system administrator using an intuitive yet powerful Lua scripting language. This language provides all the capabilities necessary to define content keywords, templates or combinations of keywords that will trigger one or more possible responses.
The keywords can be specific words such as “Confidential” or “Classified” or blocks of text adhering to a specific template, such as a credit card number or a social security number.
Monitoring Mode for Continuous Improvement of DLP Practices
Because of the flexibility of the Sentinel DLP and its powerful scripting language, the printing network can be operated in monitoring mode after the initial installation. Monitoring is accomplished by setting up the trigger response as notification or by viewing the Sentinel DLP filter log that maintains a history of documents that triggered a response and the reason the document’s content was filtered by the system. This gives rich insight into words or document types that may trigger false positives.
The administrator then adjusts the content-aware filters to eliminate false positives while still identifying and handling documents containing sensitive content.