On traditional networks, workstations, and laptops, the design, manufacturing, and operating systems do not provide any way to detect, monitor, or control what comes in or goes out through the peripherals and interfaces called endpoints.
As most companies need these devices for productivity and day-to-day operation, disabling them is not a viable option. Additionally, some endpoints can be set as disabled via the operating system yet not be fully disabled, and still pose a risk of unauthorized entry and malware attacks.
Data leakage can come in any form, but one of the most serious problems is the loss of data that users are authorized to access and copy from trusted security zones. Once portable, this data too often finds its way outside the trusted security zone, where it is exposed.
It takes a comprehensive approach to deal with data leakage. The following is a short list of capabilities the EAM products support, covering monitoring, alerting, and blocking functionality:
- Limiting users to read only - unauthorized copying of all file types
- Authorizing copying by file type
- Restricting copying based on content using regular expression content filtering, e.g. searching for credit card number formats in MS Office files (Enterprise edition only)
- Limiting the volume/size of content that can be transferred
- Prohibiting the copy of unencrypted data – only encrypted data can be copied
- Locking any device that attempts a prohibited copy
- Preventing malware from being copied onto the company system
- Preventing wireless WiFi/Bluetooth/infrared/etc. transmissions
- Limiting use to only authorized hardware and specific devices
By restricting and monitoring what users copy and transfer over the endpoint, data prevention policies can be applied to protect against human error and employee abuse.