I'm trying to set Host DLP to monitor which users are accessing any file on a shared folder. I've been trying to set tagging rules based on the share location and then set a protection rule for system files but the only thing I can do is allow or deny file creation but not register activity on file access.
Anyone knows if it's possible to only monitor file access on a shared folder?
Thanks in advance.
Well, I finally found how to monitor any access to files on a shared folder using tagging rules and an Application File Access Protection Rule.
Now next thing I need to do is blocking access to any file on this folder except for authorised users but I can't see whick kind of rule could do this, anyone can help me?
Can you provide more information on the share, it's server and the clients please?
Controlling access to a share is not something DLPe is designed to do however you can tag files from that share if they are transferred to the endpoint. However having said that please provide more details and it'll help with any solution.
Global Support Engineering Operations
Hi Chris, thanks for your help.
All of this is about a specific folder located under a domain server. This folder can be accessed by any domain user (there are differet kind of files like pdf, office docs, etc...) and my customer wants to know if we can block access to these files (i.e. they shouldn't be able open files directly from within the folder nor transfer the files to the endpoint) for any domain user except for a specific AD group that would have full access to the folder and any file inside.
I managed to only monitor access to files inside the shared folder but I don't know if it's possible to deny acces to them depending on which AD group you belong to. Maybe, as you told before, DLP is not a product designed this way?
Thanks in advance,
DLP products are not a replacement for products designed for access management.
For the requirement you mentioned earlier:
and my customer wants to know if we can block access to these files (i.e. they shouldn't be able open files directly from within the folder nor transfer the files to the endpoint) for any domain user except for a specific AD group that would have full access to the folder and any file inside.
you don't need another product. Just setup the share permissions to allow only authorized users.