This article explains how to monitor if sensitive data is being uploaded to cloud storage services, such as DropBox, using Endpoint Security and Control.
Typically, online storage solutions provide a Windows client application and web based applications for uploading and downloading files to and from their service. By blocking the client application with Application Control and using Data Control to monitor files uploaded, you can monitor sensitive data being transferred to online storage solutions.
Known to apply to the following Sophos product(s) and version(s)
Sophos Endpoint Security and Control 10.0
What To Do
- Use application control to block the locally installed application (used for accessing the online storage service) from running. These type of client applications can usually be found in the 'Online Storage' category of an application control policy in the console. See our Controlled Applications section in the Threat Center for more information.
To request a new software application is added to the 'Online storage' category, use our Application control request form.
- Configure a data control rule to identify sensitive data or specified file types being uploaded into a web browser.
- Add the rule to a new or existing data control policy and allocate the policy to the appropriate group of endpoint computers.
When users upload files with their web browser, the files will be cross referenced with the data control rules. This will ensure any files uploaded to authorized cloud storage solutions will be checked for sensitive data and/or file types.
- For more information on setting up either Application or Data Control policies see the associated Help manual for your console version.
- Use of Application and Data Control components is controlled with your Sophos Update Manager subscription. Available subscriptions are determined by your Sophos license. If you would like further information, want to take a product trial, or upgrade your license click here for further information.