This topic is for ITM / Endpoint DLP rules only.
When you set up a prevention rule, you can enable file retention so that files are retained in external storage. (Currently Microsoft Azure Blob solution is supported.)
From the Settings area of the Prevention rule, select Retain the files.
-
Retain the files: When this option is selected, files that meet the criteria defined in the prevention rule are retained in external storage. You must configure the retention external storage on the Agent realm level for this to work. This option can be used in addition to the blocking and justification options.
Prevention rule options for both blocking and justification can be used with file retention.
For example, a prevention rule is set up that prevents an end user from exfiltrating files with employee ID numbers to any cloud sync folder that is not used by the organization. If an end user tries to upload a file with the sensitive data, one of the following could occur:
-
Blocking: the upload is blocked and the file is copied and retained
-
Justification: the user is prompted to provide a justification for the action, the file is not blocked but it is copied and retained
Related Topics: