We are in the process of getting our DLP set up and have added standard SSN and Credit Card rule policies. We have noticed that when you go to most web pages now we are getting Application File Access Protection blocks for txt files, .js files .php files etc. It is also blocking on some with Web Post Protection when you just go to some websites even if you are just viewing and aren’t posting anything.
We could obviously remove the web browsers from the application file access protection and or add file extension exceptions for the false positives that we are seeing but if we do so we are concerned with preventing the DLP from blocking true positives.
The question is, is anyone else running into issues with policies like this when just doing normal web browsing? It is happening for us on almost every site and even prevents Office365 from running sometimes. Does anyone know of any whitepapers or best practices documents about this or have any advice on the best way to deal with this?
We are running agent version 9.4 patch 2
Can you provide further details like have you selected any specific application for this or it does selected Application based on TIE reputation?
Please check this option from your File access Protection rule and post..