Symantec™ Data Loss Prevention Enforce Platform is the central web-based management console and incident repository that is used across all Symantec Data Loss Prevention products. It is where you define, deploy and enforce data loss policies, respond to incidents, analyze and report policy violations, and perform system administration. Enforce Platform is deployed on a single server and is supported by an Oracle® database, which stores historical incident and system information.
Comprehensive data detection technology
Enforce Platform accurately detects all types of confidential data, wherever it is stored or used. It uses three classes of detection technologies to provide complete and accurate coverage across your endpoint, network, and storage systems:
Describing protects structured and unstructured data by looking for content matches on keywords, expressions or patterns, and signatures.
Fingerprinting protects structured and unstructured data by looking for exact or partial content matches on indexed data sources and documents.
Learning protects unstructured textual data by building a statistical model using example documents and calculating content similarity.
Describing, fingerprinting, and learning are critical to achieving high detection accuracy and preventing data loss. Without accuracy, your Data Loss Prevention system will generate numerous false positives and negatives. False positives waste limited time and resources on investigating and resolving incidents that do not actually violate security policy. False negatives obscure gaps in security by allowing data loss and putting your organization at risk of a breach.
- Described Content Matching protects structured and unstructured data; it is best used when it is impossible or impractical to collect all the content to be indexed.
- Exact Data Matching protects structured data, typically stored in a database, and is designed to scale to very large data sets (e.g. hundreds of millions of records).
- Indexed Document Matching protects unstructured data stored in documents and detects exact and derivative content matches.
- Vector Machine Learning is a new and exclusive Data Loss Prevention technology that protects unstructured text by training the system using example positive and negative documents.
How it works
- A major credit agency uses Exact Data Matching to fingerprint every United States citizen’s personally identifiable information (PII) – first name, last name and social security number – stored in their customer database.
- A large high tech company uses Vector Machine Learning to protect millions of lines of source code stored across highly distributed repositories.
Proven policy authoring and tuning framework
Enforce Platform enables you to write policies once and enforce them everywhere. With our out-of-the box policy templates, data identifiers, and solution packs, you can quickly and easily reduce data loss risk starting on day one.
- Policy templates for national and international data privacy laws and regulations, including The Health Insurance Portability and Accountability Act (HIPAA), payment card industry (PCI), and European Union Data Protection Directive.
- Data identifiers combine pattern matching with data validators to accurately detect national identifiers and other PII.
- Solution Packs contain pre-configured policies, response rules, user roles, and reports tailored for specific industries, including financial services, healthcare, and federal.
How it works
A multinational company with offices in the United States and Europe uses the European Union Data Protection Directive policy template to monitor bank card numbers in outbound email.
Comprehensive reporting and remediation workflow
Ninety percent of data loss prevention (DLP) is about what you do after you find sensitive data. Enforce Platform is where you can view reports, automatically notify users of violations, and enable automatic workflow responses. Comprehensive incident reporting and remediation enables you to take the right action at the right time and communicate data loss risk to your business units.
- Automated remediation workflow allows you to take action immediately without administrator or user intervention: notify user, request justification, encrypt email or file, quarantine file, or block action.
- One-click smart responses combine multiple responses to reduce incident remediation time: change status, send notification, add note, or apply file protection.
- Out-of-the-box and custom reports provide all of the functionality needed to support compliance and audits, gain visibility, identify data loss risk trends, and empower business units to secure sensitive data.
How it works
The chief information security officer (CISO) at a major bank uses incident reporting to regularly communicate risk and engage business data owners in data loss prevention.
Broad integration capabilities with open platform
Symantec Data Loss Prevention offers the greatest flexibility to extend your DLP capabilities. The Symantec™ Data Loss Prevention FlexResponse™ Platform is an exclusive application programming interface (API) that integrates with third-party services and automatically applies protection to exposed files.
- Email and file-based encryption integration with PGP™ NetShare from Symantec™, PGP™ Universal Gateway Email from Symantec™, and Symantec™ Endpoint Encryption Removable Storage Edition.
- Enterprise Rights Management integration with Microsoft® Windows Rights Management Services (RMS), Oracle® Information Rights Management (IRM), Liquid Machines™, and GigaTrust™.
- Security Information and Event Management (SIEM) integration provides easy export of incident information to SIEM systems, including Symantec™ Security Information Manager.
How it works
When a user tries to copy a file containing cardholder data to a USB, Data Loss Prevention triggers Endpoint Encryption to encrypt the file via FlexResponse.
Online exchange for policy collaboration and content
Stay ahead of updates to data privacy regulations and newly released technologies through the Symantec Data Loss Prevention Exchange, a new online community for current users of Data Loss Prevention.
- Access to new policy content independent of release cycles and product versions.
- Collaborate on policy best practices and content with Data Loss Prevention users and partners.
Technical Specifications & System Architecture
Language and localization support
Data Loss Prevention offers broad language and localization support for international deployments, including policy authoring, detection, end-user notifications, and localized operating systems:
- Detection support for more than 25 languages, including Hebrew, Arabic, languages in Western and Central Europe, and Asia.
- User interface support for Chinese, Spanish, English, Brazilian Portuguese, Russian, Japanese, French, and Korean.
Additional Symantec Data Loss Prevention Products
Symantec delivers a proven solution to discover, monitor, protect, and manage confidential data wherever it is stored or used.
Symantec Data Loss Prevention for Endpoint
- Symantec™ Data Loss Prevention Endpoint Discover scans for sensitive data stored on laptops and desktops in order to inventory, secure, or relocate the data.
- Symantec™ Data Loss Prevention Endpoint Prevent monitors and blocks confidential data from being transferred, sent, copied, or printed by desktop or laptop users.
Symantec Data Loss Prevention for Network
- Symantec™ Data Loss Prevention Network Monitor inspects all network communications for sensitive data.
- Symantec™ Data Loss Prevention Network Prevent Email redirects, quarantines, or stops outbound messages containing sensitive data.
- Symantec™ Data Loss Prevention Network Prevent Web stops or removes sensitive data from outbound web communications.
Symantec Data Loss Prevention for Storage
- Symantec™ Data Loss Prevention Network Discover identifies sensitive data exposed on file servers, collaboration platforms, websites, desktops, laptops, and other data repositories.
- Symantec™ Data Loss Prevention Data Insight Enterprise is for governance of unstructured data.
- Symantec™ Data Loss Prevention Network Protect remediates exposure of sensitive data.