Tun tun, who is it? close the wall...

share post

Having a corporate DLP can save a company's security managers a lot of headaches and money, why?

Day by day the most important value available to companies is information. This is present in all parts of a company, either as:

  • Information on employees or potential candidates coordinated by the HR department (Internal Information).

  • The information of the clients of a company managed by the sales department (Confidential Information).

  • The company's strategic information for the next 5 years that the CEO must present at a shareholders' meeting (Secret Information).

  • Or any other information that a company handles posting times (Public Information).

This information, present in the form of data, make up files, files, documents that have to be shared or sent to people outside the organization, they can be suppliers, customers or other types of stakeholders with whom it collaborates to get the most out of that data.

For example, in the banking sector, a potential client of the entity that wishes to contract a mortgage, or in the health sector, a laboratory that shares the results of a clinical test with the patient.

data leak

Information protection is based on three basic principles:

  • Confidentiality – Information accessible only to those people or systems that have been authorized.
  • Integrity – No errors or unauthorized modifications
  • Availability – Accessible at the necessary time by authorized people or systems

When an information leak occurs that leads to a decrease in confidentiality caused as a result of a security incident. This incident can have an origin (internal or external) and be intentional or not. The person responsible for safeguarding the information can detect a loss of its integrity and/or availability.

According to a study of Acronis,

76 % of organizations experienced business interruptions and data loss in 2021 as a result of general system failures, human error and cyber-attacks

These 3 out of 4 companies categorize failures that have caused data loss into:

  • General system faults (52%)
  • Human errors (42 % 
  • Cyber attacks (36%)
  • Internal attacks (20%)

In a study conducted by IT Governance highlighted that in 2021 organizations suffered 292 data breaches due to employee errors. Whose most common cause is accident and/or negligence. Includes errors like send information to the wrong person, let physical or digital files in a public place. causes that represent the 51% of all data breaches in the study.

Tranxfer… close the wall!!

transfer is a platform designed to help companies send and/or receive relevant information from companies or people in the form of files. It provides users with a secure means of communication internally or with third parties, helping those responsible for data and technological security to control and minimize the loss of company data.

In this way, it offers a data leak prevention module where the client can configure the control rules that form the necessary security policies to close the wall possible human errors and minimize these types of violations.

How to configure Tranxfer DLP

For set up a rule security in Tranxfer you have to access this DLP module and with the option Add the first rule is created.

In this way, we access a screen to configure the first rule:

The possible fields to set up in a security rule are:

  • protection type
    • Global
      The rule affects the entire company
    • Cluster
      The rule affects the indicated user group
  • Ready
    • black
      If the regular expression match with that of the ruler, violates the same.
    • White
      If the regular expression it does not match with that of the ruler, violates the same.
  • Policy Type
    • file content
      Regular expression validation against file content
    • Addressee
      Validation of the regular expression with the recipient of the transfer, it can be an email or a domain.
    • file metadata
      Regular expression validation against file metadata tags.
    • Filename
      Validation of the regular expression with the name of the file, it can be the name of the file and/or its extension.
    • Type of file
      Regular expression validation with the mime-type of the file.
  • Validation
    • Keyword/Regular Expression
      The regular expression or the value of the field with the same name is evaluated.
    • CCC
      The predefined regular expression is evaluated to find number of checking accounts.
    • cards
      The predefined regular expression is evaluated to find the number of debit or credit cards.
    • ID
      The predefined regular expression is evaluated to find the ID number.
      The predefined regular expression is evaluated to find number of IBAN accounts.
  • Regular phrase
    Character string or regular expression containing the value or pattern of characters being evaluated.
  • specific
    • tags (file metadata)
      The name of the tag is specified, whose value will be evaluated with the value indicated in the Regular Expression field.
    • Maximum limit repetitions allowed for blocking (file content)
      Maximum number of times a File Content rule can be violated before the rule is violated.
    • Maximum limit repetitions of the same value for blocking (file content)
      Maximum number of times a File Content rule can be violated with the same value before the rule is violated.
  • Send notification/alert
    The recipients to whom the non-compliance alerts will reach by email are specified.
  • exceptions
    The users or user groups that are exceptions to this rule are specified.
Once configured and saved it is displayed in the security policy list as an active rule.
To enjoy this functionality, it is necessary to enable Tranxfer DLP from the Security Policies menu
Configuration Security Policies

From this section we can configure other additional features in the control of the files that leave or enter using the Tranxfer platform.

  • Content validation at reception
    Normally, the validation of file content is carried out from inside to outside the organization, thus controlling the sensitive data of the documents that may violate any security policy. There is an opportunity to activate it in the opposite direction.

  • files with password
    Also, files encrypted with a password and that do not allow both the module itself and the antivirus to do their job correctly can be validated.

  • macro files
    The last option to validate documents would be to check whether or not they have macros.

  • Notification/Alert
    In addition, from this same panel it is possible to indicate that the alerts or notifications of infractions are addressed to one or several users or to a group of users.

When a rule is broken, the user who performs the operation is informed.

This way you regain control of the data…

Like the popular song of the mid-70s, in the face of possible breaches of security policies TunTun, who is it? … (transfer) Close the wall.

More articles