Hello all, with popularity of IM starting to increase we are looking at a passive evidence rule for IM traffic.
Our on-premise IM application is dealt with by the IM product itself, but we have a few instances of third party IM clients being in use - so I'm looking to capture the text input from those applications.
Is this something DLP can do centrally? We're succesfully using DLP for E-Mail Protection, USB, DVD Burning and Screenshot protection but I cannot find any policy objects for IM applications - so I fear not.
It doesn't cover IM on endpoint. You can monitor what files they send through IM, but not the text they type in.
You can monitor some IM apps at network level using NDLP Monitor.