Just a quick query if I may on the wording in the Device Control Data sheet. We are licensed for Device Control only, The data sheet for Device Control states the following :
Device Control provides extremely granular control
over your sensitive data. Specify which devices
can and cannot be used. Define what data can
and cannot be copied onto allowed devices. And
restrict users from copying data from specific
locations, such as a file server that stores propriety
information, and from certain applications,
such as an accounting program that generates
I was under the impression that Device Control on it's own could not control WHERE a user copys data from (File Server), what is copied and what applications it's copied from? I though you needed full blown DLP.
Am I wrong ? If not, where in the Device Control policy would such info be set ?
If you are using device control (Host DLP), you can monitor / block file copying from a source to destination based on tagging rules but that would be very basic. Device control is mainly used to control plug and play devices (blocking them for example).
Hope that helps. Do wait for other members to answer.
Device control is meant for Removable storage and Plug and Play device control. You can specify to disable, monitor, make read only on these devices.
Full Host DLP will allow the additional functions of Network communication control, File system control, Email, etc with full content tracking.