Monitoring and preventing data leaks

Kaspersky Security allows you to track and prevent data leakage on SharePoint websites by means of policies.

A policy is a collection of application settings that provide protection against data leaks. The policy defines the conditions on which users can handle confidential data, as well as actions that must be taken by the application when possible data leakage is detected.

According to the policy, the application scans files uploaded to SharePoint, using the following settings:

• By the name of the user account under which the file is uploaded
• By the address of the SharePoint website to which the file is uploaded
• By the match between data in the uploaded file and data in the category

If the conditions set for file upload to SharePoint meet the settings defined in the policy, the application registers a policy violation.

A policy violation means user actions leading to a violation of the conditions applied to the handling of confidential data on SharePoint® servers. The application views an event as a policy violation if the user specified in the policy uploads to a SharePoint website some data from a category prohibited by the policy.

You can set up actions that the application will take in case of a policy violation, in accordance with one of the following scenarios:

• If you want to prevent leakage of data protected by the policy, we recommend that you configure the policy so that Kaspersky Security blocks files from being uploaded by users to SharePoint websites. This option is recommended if leakage of protected data poses a threat for data security in the organization.

  You can additionally set up notification delivery to email addresses in order to receive up-to-date information about policy violations

• If you want to track possible leakage of data protected by the policy, we recommend that you configure the policy so that Kaspersky Security does not block files from being uploaded to SharePoint websites. The application will not affect user activities on SharePoint servers. This option is recommended if information about policy violations is analyzed during incident management.

Policy adding scenario

Before adding a policy, we recommend that you create relevant data categories or select relevant data categories in the list of preset categories.

1. In the list of categories and policies, select the category, which contains data that you need to protect.
2. Create a new policy for the selected data category.

   Multiple policies can be added for a single category.

The application will track and / or prevent data leakage if the policy is active.

See also Adding a file to exclusions by web address New Policy Wizard Searching for policies by users Deleting a policy

Page top