DLP Policy to Block Uploading the file type on Web (HTTP/HTTPS)
Contents
Overview
Data loss prevention, or DLP, is a set of technologies, products, and techniques that are designed to stop sensitive information from leaving an organization.
Data can end up in the wrong hands whether it’s sent through email or instant messaging, website forms, file transfers, or other means. DLP strategies must include solutions that monitor for, detect, and block the unauthorized flow of information.
SafeSquid DLP protects organizations from information leaks and data loss at the perimeter and inside the organization, as well as in certain Infrastructure as a Service platforms.
SafeSquid DLP restrict to Upload any kind of Content outside the corporate network to prevent data leakage. We shall permit text/plain content type to access all websites. We allow users only to upload Microsoft office document files and PDF files on whitelisted websites.
You can achieve this simply by allowing the specific file type(s) based on predefined content type(s).
Prerequisite
HTTPS Inspection should be enabled in SafeSquid. If not enabled, you can check our document - How to enable HTTPS Inspection
'Restart SafeSquid service twice from SafeSquid Interface if it is a fresh installation of SafeSquid Appliance Builder (SAB) after activation of the product. 'LINK
Note: When the activation of SafeSquid Appliance Builder (SAB) is done, Restart SafeSquid Service prompt should appear on SafeSquid UI. After restarting SafeSquid service lib-magic library file still doesn't exist, which you can verify from SafeSquid logs. To obtained the status 'libmagic: ok' you have to Restart SafeSquid Service once again from SafeSquid Interface. LINK
Access the SafeSquid User interface
 |
Search Policy : Block Uploads
There are two ways to search any keyword or policy.
Here we are using predefined Profile 'block uploads' created in Access Profiles section. You can check the 'block uploads' profile getting applied in extended logs.
Search Policy : Method 1
You can search the keyword or profile name from Restriction Policies >> Access Profiles. You have to check the each and every Policies and profiles one by one from top to bottom.
Search Policy : Method 2
Click on Search Icon situated on bottom right corner of SafeSquid Interface.
Go to DLP Section Configuration
Select Global Section of DLP as Enabled with TRUE
Configure DLP Policy
Save Configuration
You can save the current configuration to either in your local machine or to cloud. Storing configuration to cloud help you to restore your configuration in other instances.
Note: Creating / Using (predefined) profiles while creation of new policy will be helpful for capturing logs. In future these logs can be helpful to identify general operational details and security concerns.
Example
Generally in corporate sector Users should be restricted to Upload any kind of Content outside the corporate network to prevent data leakage. We shall permit text/plain content type to access all websites. We allow users only to upload Microsoft office document files and PDF files on whitelisted websites.
In this scenario follow below steps:
Step 1 : Go to Categorization Web-site section from SafeSquid GUI and add all whitelisted websites into whitelist category.
Step 2 : Go to policies and Profiles section and create new policy as below.
 |
Step 3 : Create All the three policies under DLP Section from SafeSquid GUI.
Policy 1 : We restrict uploading of files, irrespective of a content type.
Policy 2 : We shall permit text/plain content type to access all websites.
Policy 3 : We allow users for uploading PDF and Microsoft office document files for Whitlisted Sites
 |