DeviceLock DLP

Stop data leaks at the source with complete endpoint data loss prevention (DLP)

Try now
No credit card required

Control data flows in local and network channels

No data leaks missed

  • Clipboard control

    Clipboard control

    Block data leaks at their earliest stage – when data is transferred between applications and documents. Control user access to objects of different data types copied into the clipboard (even for redirected BYOD devices) and filter textual data with content-aware DLP policies.
  • Screen capturing control

    Screen capturing control

    Prevent data theft by blocking screenshot operations via Windows PrintScreen or screen capturing features of third-party apps for certain users or groups. Textual data in captured screen images can be extracted and filtered according to content-aware DLP policies.
  • True file type control

    True file type control

    Acronis DeviceLock DLP looks into a file’s binary content to determine its true type, regardless of file name and extension. This can control access to over 5,300 file types for removable media, as a part of content analysis, or for pre-filtering of shadow copies to reduce the volume of captured data.

Gain deeper visibility and control over data protection

Powerful content-aware controls

  • Content filtering

    Content filtering

    Protect sensitive content from leaking by analyzing and filtering the textual and binary content of data accessed or transferred via local and network channels. Content filtering also recognizes and uses classification labels assigned to documents and files by Boldon James Classifier products.
  • Optical character recognition (OCR)

    Optical character recognition (OCR)

    Prevent leakage of sensitive data in a graphical format with a built-in OCR engine can extract and inspect pieces of text from more than 30 graphical formats in more than 30 recognized languages – even for endpoints outside the corporate network. Reduce the network load with a distributed OCR architecture.
  • True file type control
    Local sync

    True file type control

    Acronis DeviceLock DLP looks into a file’s binary content to determine its true type, regardless of file name and extension. This can control access to over 5,300 file types for removable media, as a part of content analysis, or for pre-filtering of shadow copies to reduce the volume of captured data.

Centralized management and deployment

Ease the labor-intensive and resource-consuming processes of DLP deployment and managment by choosing from a flexible set of central management consoles with the same UI. Depending on the organization’s IT environment, SMBs or large enterprises can choose the console that best fit their needs.

Centralized management and deployment
  • Active Directory integration
    Cut learning times and administrative efforts with a console based on the custom Acronis DeviceLock MMC snap-in to the Microsoft Group Policy Management Console used as the Active Directory Group Policy interface. This native integration enables Acronis DeviceLock DLP agents to be deployed and fully managed via Group Policies.
  • Non Active Directory environments
    In non-AD environments, administration is done through Acronis DeviceLock Enterprise Manager, a native Windows app that runs on a separate computer. DLP policies are delivered to all agents (pushed or pulled) via Acronis DeviceLock Enterprise Server (DLES).
  • Directory-less installations
    In such IT environments, e.g. in a Windows for Workgroups network, as well as for managing Acronis DeviceLock Discovery, the custom Acronis DeviceLock MMC snap-in can be used to remotely manage agents on per-endpoint basis.

Proactive protection

  • Tamper protection

    Tamper protection

    Enforce process compliance by preventing tampering with DLP policy settings locally on protected endpoints, even by users with local system administrator privileges. Only designated Acronis DeviceLock DLP administrators can uninstall or upgrade the agent, or modify DLP policies.
  • Printing security

    Printing security

    Control network and local printing from Windows endpoints by enforcing DLP policies over user access and content of printed documents for network, local, and virtual printers. Ensure higher data security by intercepting and inspecting print spooling operations, allowlisting of USB-connected printers, and print data shadowing.
  • Network-awareness


    Administrators can define different online vs. offline DLP policies for the same user or user group. A reasonable and often necessary setting on a mobile user’s laptop, for example, is to disable Wi-Fi when docked to the corporate network and enable it when undocked.


Allow granular controls over data access and transfer operations with the ability to manage exclusions to general DLP rules through wide allowlisting capabilities.

  • Core
    USB allowlist
    Allows administrators to authorize a specific model of devices or particular device, distinguished by a unique identifier such as a serial number, to access the USB port, while locking out all other devices.
  • Core
    Media allowlist
    Ease the distribution of authorized software by authorizing the use of specific DVD, BD, and CD-ROM disks, uniquely identified by data signature. Granularly control authorized users and groups that can access them.
  • Core
    Temporary USB allowlist
    For using USB devices on endpoints working out of the corporate network, a temporary access to a USB-connected device can be provided by issuing an access code delivered to the user out of-band, rather than through regular Acronis DeviceLock DLP permissions procedures.
  • NetworkLock
    Protocols allowlist
    Allowlist specific network communications and define whether content-aware rules to be applied to thembased on IP address, address range, subnet masks, network ports and their ranges, network protocols and applications, SSL-protected traffic, web resources (URLs), sender or recipient email addresses and identifiers in IMs.

Increase process compliance

  • Virtual DLP

    Virtual DLP

    Prevent data leaks via BYOD devices when using leading remote virtualization solutions. Running on a VDI host or terminal server, Acronis DeviceLock DLP enforces context- and content-aware controls over data exchanges between the virtual workspace and the personal part of the BYOD device, its local peripherals, and the network.
  • Removable media encryption integration

    Removable media encryption integration

    Increase data security when copying information to removable media by allowing data to only upload to removable storage encrypted by a set of best-of-breed, integrated encryption solutions. Selectively allowlist encrypted USB media to strengthen internal compliance.
  • Alerting


    Shorten reaction times with real-time notifications on DLP-sensitive user activities on protected endpoints within and outside the corporate network. Acronis DeviceLock DLP provides SNMP, SYSLOG, and SMTP based alerting capabilities to SIEM systems and administrators.


To ease information security auditing and compliance reporting and gain deeper visibility into data flows and data protection, Acronis DeviceLock DLP offers a wide choice of reporting capabilities.

  • Graphical reports
    Graphical reports - based on audit and shadow logs.
  • Permissions reports
    Permissions reports - display permissions and audit rules set on all endpoints across the network.
  • Plug-and-play device
    Plug-and-play device reports - display USB, FireWire, and PCMCIA devices currently or historically connected to endpoints in the network.
  • User Dossiers reports
    User Dossiers reports – presents a collection of end-user action statistics in a graphical format in a single user card, presenting user behavioral analysis with “loyalty” index, and communication flows. The information is automatically updated on a schedule or during low server load periods.

Comprehensive log collection for increased visibility

  • Auditing


    Track user and file activities for specified device types, ports, and network resources on a computer and collect logs with GMT timestamps centrally in a Microsoft SQL or Postgres database. Pre-filter audit activities by event and context. Audit logs can be exported to many standard file formats for use in other reporting tools.
  • Data shadowing

    Data shadowing

    Enable security compliance auditing, incident investigations, and cyber forensics by mirroring data transferred without authorization via local and network channels. Leverage data shadowing that’s triggered based on operations context and content. Pre-filter shadow activities for network load balancing.
  • Monitoring


    Monitor remote computers in real-time with Acronis DLES, checking agents’ status, policy consistency, and policy integrity and writing information to the monitoring log. Define a master policy to be applied across selected remote computers in the event that their current DLP policies are out-of-date or damaged.
  • Core
    Prevent credentials and data leakage by detecting USB keyloggers and blocking their activities. Acronis DeviceLock DLP obfuscates PS/2 keyboard input and forces PS/2 keyloggers to record random entries instead of the real keystrokes.
  • Universal
    RSoP support
    Increase visibility into data security by using the Windows standard Resultant Set of Policy (RSoP) snap-in to view the DLP policies currently being applied, as well as to predict what policies would be applied in a given situation.
  • Universal
    Traffic shaping
    Reduce network load with a Quality of Service (QoS) feature that allows to define bandwidth limits for sending audit and shadow logs from Acronis DeviceLock Agents to Acronis DeviceLock Enterprise Server.
  • Universal
    Stream compression
    Decrease the size of data transfers and reduce network load with an ability to compress audit logs and shadow data pulled from endpoints by Acronis DeviceLock Enterprise Server service.
  • Universal
    Optimal server selection
    For optimal transfer of audit and shadow logs to the central log database, Acronis DeviceLock agents can automatically choose the fastest available Acronis DeviceLock Enterprise Server from a set of available servers.

Acronis DeviceLock DLP

72% of employees share sensitive information. Prevent any data leaks headed your way.

Looking for help?

Frequently asked questions

  • Can Acronis DeviceLock DLP function without internet connection?

    There are two different sets of DLP policies, Regular and Offline, which are automatically applied to a controlled endpoint by Acronis DeviceLock DLP agents depending on its network status. The Offline policy can be triggered by the laptop using either cached or confirmed Windows credential authentication, whether it can connect to any of its known Acronis DeviceLock Enterprise Servers, or if in a wired vs. unwired state.

  • Is Acronis DeviceLock DLP capable of “passive mode” functioning, i.e. not restricting data transfer, but logging and shadow copying?

    Yes, Acronis DeviceLock DLP is capable of functioning in any administrator set mode. We also call this “observation mode”.

    In cases where access to ports, devices, or network protocols is not blocked or content-filtered by policy, logging and data shadowing policy can be actively logging and keeping records in audit and shadow logs in “passive mode”.

    If there is a restrictive access policy active, Acronis’ DLP solution blocks the transfer and prevents data leakage on a controlled endpoint in real time.

  • Is there an option to configure various access control policies for laptops in- and out of the corporate network?

    Yes, there is. Acronis DeviceLock DLP supports various on- and off-corporate-line security policies. This way you can have one policy when the laptop is behind the firewall or DMZ and a totally different policy when the laptop is out in the wild, strengthening DLP security.

  • What is the critical distinction between Acronis DeviceLock DLP and other competitive DLP solutions?

    First off, Acronis DeviceLock DLP is a best-of-breed enterprise data loss prevention solution (enterprise DLP solution) that is designed exclusively to prevent data leakage at the endpoint layer. It is not an appliance, antivirus, or limited module that you might find in other “endpoint security” protection suites.

    Acronis DeviceLock DLP has no required hardware elements that wouldn’t already be in place, which significantly reduces the typical costs of implementation and maintenance.

    Historically, Acronis DeviceLock DLP evolved as a solution with every necessary feature to prevent data leakage through peripheral devices and ports. Now, compared to competitive port-device control solutions, Acronis DeviceLock DLP has the most features to meet the challenge. Acronis NetworkLock and Acronis ContentLock add-on components advanced the product into the class of fully-featured enterprise DLP solutions by incorporating the most commonly used network channels using the most effective techniques of content analysis and filtering.

    With the integration of the user activity monitor in Acronis DeviceLock in 2020, the solution implements another differentiating feature – allowing you to record user on-screen actions, keystrokes, and running processed, based on DLP-related events.

    The ability to try the solution before buying it is another important competitive distinction of Acronis DeviceLock DLP. Having nothing to conceal from existing and potential customers, we stick to the principle of total transparency by providing a freely available trial version for 30 days.

    Another important distinction of Acronis DeviceLock DLP is the host-resident optical character recognition (OCR), which allows for more thorough content-aware controls not only in network, but also in local channels and for endpoints outside the corporate network.

    Moreover, for network communications, Acronis DeviceLock DLP is the only DLP solution that employs deep packet inspection (DPI) with an universal-application, and web browser-independent controls of user communications via most network protocols and applications. These include SMTP, HTTP/HTTPS, WebDAV, FTP(S), Telnet, as well as Torrent-based P2P file sharing. NetworkLock uses this DPI technology to detect the protocol and application type regardless of the network ports they use.

    Another advantage of Acronis DeviceLock DLP is that all modules are pre-integrated and deployed “sight unseen” with the core platform with module-based licensing that allows for the ability to phase desired modules of the DLP solution into the environment when ready by simply turning licensing on and configuring settings. This reduces the costs and labor contribution to both the initial rollout and ongoing maintenance.

  • Is there a server component of Acronis DeviceLock DLP and what does it serve as?

    There are two server components in the suite: Acronis DeviceLock Enterprise Server (DLES) and Acronis DeviceLock Content Security Server, and both require a Microsoft SQL or SQL Express database. They are referred to as “server” components as they generally need to run on Windows server class operating systems due to the concurrent connection limitations of workstation class clients. They can be hosted on virtual servers or piggyback on existing servers that have available user-connection bandwidth during the day (“backup”, “staging”, “patch” servers, etc.).

    The Acronis DeviceLock Enterprise Server component is not critical to administration and is only necessary if the customer intends to centrally aggregate audit and shadow data for reporting and forensic analysis. In mid-to-large size environments, generally there would be multiple DLES agents used for performing the collection tasks efficiently. The server module does not perform any endpoint management tasks (Acronis DeviceLock DLP agents receive the access control policies either via Active Directory Group Policy GPOs, or directly from DeviceLock administrative consoles), nor does it store DLP policy settings.

    The customer does not need to purchase licenses for the Acronis DeviceLock Enterprise Server component, as it is included with the Acronis DeviceLock Core module licensing that is tied to the number of endpoints being managed. The server can be installed and used in any number of instances required for efficient collection of audit and shadow data. Acronis DeviceLock DLP agents can have audit data and shadow copies pulled back by any number of Acronis DeviceLock Enterprise Servers to the back-end SQL and folder repository. Traffic optimization with stream compression, fastest server response history, and quality of service settings is included.

    The Acronis DeviceLock Content Security Server is an additional component used to perform other security reporting related tasks. There is one server function – Acronis DeviceLock Search Server-DLSS – included now, and more coming.

    The Acronis DeviceLock Search Server provides full-text indexing and search of logged data and shadow files collected by the Acronis DeviceLock Enterprise Servers and placed in the common Microsoft SQL/SQL Express and folder repository. These search capabilities make it easier and more efficient to manage the increasing amount of data in Acronis DeviceLock Enterprise Server databases to validate and/or assist in tuning security policies.

    The Acronis Search Server can automatically detect, index, find and display documents of many formats including Adobe Acrobat (PDF), Ami Pro, archives (GZIP, RAR, ZIP), Lotus 1-2-3, Microsoft Access, Microsoft Excel, Microsoft PowerPoint, Microsoft Word, Microsoft Works, OpenOffice, Quattro Pro, WordPerfect, WordStar and many more.

    Note that in most cases, the customer does need to purchase a separate license to use the Search Server component. Licensing is based on the desired maximum number of searchable documents and log entries.

    Product help

    In case you have any difficulties, we have collected all the useful materials for this product in our FAQ and Documentation. Also you can always ask your question on our Discussion Boards.

    Technical support

    Customers with active product maintenance or subscription are entitled to 24/7 technical support. Follow the instructions at the Technical Support Site to get prompt support by phone, chat or e-mail.

    Sorry, your browser is not supported.

    It seems that our new website is incompatible with your current browser's version. Don’t worry, this is easily fixed! To view our complete website, simply update your browser now or continue anyway.