If the requested title not found under the base software, click the In-Scope Software
05- Data loss prevention software
Designated data loss prevention software solutions detect and prevent unauthorized attempts to copy or send sensitive data, intentionally or unintentionally, without authorization, mainly by personnel who are authorized to access the sensitive information. In order to classify certain information as sensitive, these solutions use mechanisms, such as exact data matching, structured data fingerprinting, statistical methods, rule and regular expression matching, published lexicons, conceptual definitions and keywords.
Such systems run on end-user workstations or servers in the organization. Like network-based systems, endpoint-based can address internal as well as external communications and can, therefore, be used to control information flow between groups or types of users. They can also control email and Instant Messaging communications before they are stored in the corporate archive, such that a blocked communication (i.e., one that was never sent and, therefore, not subject to retention rules) will not be identified in a subsequent legal discovery situation. Endpoint systems have the advantage that they can monitor and control access to physical devices (such as mobile devices with data storage capabilities) and, in some cases, can access information before it has been encrypted. Some endpoint-based systems can also provide application controls to block attempted transmissions of confidential information and provide immediate feedback to the user. They have the disadvantage that they need to be installed on every workstation in the network, cannot be used on mobile devices (e.g. cell phones and PDAs) or where they cannot be practically installed (for example on a workstation in an Internet caf�).
