Can Acronis DeviceLock DLP function without internet connection?

There are two different sets of DLP policies, Regular and Offline, which are automatically applied to a controlled endpoint by Acronis DeviceLock DLP agents depending on its network status. The Offline policy can be triggered by the laptop using either cached or confirmed Windows credential authentication, whether it can connect to any of its known Acronis DeviceLock Enterprise Servers, or if in a wired vs. unwired state.

Is Acronis DeviceLock DLP capable of “passive mode” functioning, i.e. not restricting data transfer, but logging and shadow copying?

Yes, Acronis DeviceLock DLP is capable of functioning in any administrator set mode. We also call this “observation mode”. In cases where access to ports, devices, or network protocols is not blocked or content-filtered by policy, logging and data shadowing policy can be actively logging and keeping records in audit and shadow logs in “passive mode”. If there is a restrictive access policy active, Acronis’ DLP solution blocks the transfer and prevents data leakage on a controlled endpoint in real time.

Is there an option to configure various access control policies for laptops in- and out of the corporate network?

Yes, there is. Acronis DeviceLock DLP supports various on- and off-corporate-line security policies. This way you can have one policy when the laptop is behind the firewall or DMZ and a totally different policy when the laptop is out in the wild, strengthening DLP security.

Solutions for businesses
Data loss prevention (DLP)

Solutions for businesses

Endpoint data loss prevention (DLP)

It’s easy for sensitive information on endpoint computers to escape your organization through peripheral devices, local interfaces, and various network channels. Data leaks can lead to severe financial and reputational damage, loss of trade secrets, and expensive regulatory fines and litigation. To prevent leakage due to employee negligence or malicious insiders, you need data loss prevention (DLP) capabilities that block any unauthorized attempts to transfer sensitive data.

…

Safeguard clients with advanced managed anti-malware protection

Block unauthorized device and network access

Proactively prevent data leakage by allowing access only to devices, peripherals, and network communication channels such as email, instant messengers, and social media, that are required for business operations. Block access to unauthorized local and network channels on corporate computers. Enable business operability by specifying whether protected endpoints may only receive data via the controlled channels (read-only/receive-only) or if they may also use it for data transfers.

Stop data leaks at the source with complete endpoint DLP

Acronis DeviceLock DLP provides comprehensive endpoint DLP – discovering and protecting sensitive data while monitoring the operations involving that information.

An enterprise DLP that’s easy to learn, deploy, and manage.

Call sales +1 781 791 4486

Comprehensive control of outgoing network communications

Reduce the risk of sensitive data leaving your company through network channels (plain or SSL-encrypted communication) by applying context- and content-based controls to outgoing messages, attachments, and file uploads.

Emails and webmails
Apply granular DLP controls to outgoing emails and attachments, including text recognition in inline images, and attached graphical files. Allow communication only via specific mail services or from and to particular email addresses. Restrict users’ ability to send email attachments.
Collaboration and messaging tools
A unique technology allows you to control the content of files and messages transferred via instant messengers such as Skype, Zoom, or Viber. You can even allow or deny communication between specific users, including media calls.
Social media
Control access to social media and apply content-aware DLP controls when sending messages, comments, posts, or uploading files, including text recognition in images. Allow users to access social media in “view-only” mode, to ensure no leakage of sensitive information.

Don’t let any sensitive data escape your organization with granular DLP controls

Control sensitive data transfer to cloud file storage

Ensure users are allowed to perform only operations necessary for the business across cloud file storage platforms. Allow or deny access to specific cloud file storage and apply context- and content-based controls to both uploaded files and comments, including text recognition in images. Restrict the access permissions for specific users or groups to download-only to effectively prevent data leaks.

Control clipboard usage and screenshot captures

Prevent data leaks at their earliest stage – when data is copied or transferred via the clipboard. Selectively allow or deny the copying of specific data types or content within an application or between them. Control PrintScreen usage or third-party screenshot capturing tools. Restrict operations based on the textual content detected in copied images with a built-in optical character recognition technology.

Limit data copying only to secure removable media

Neutralize one of the primary vectors of data leakage — uncontrolled use of removable media, which enables stealthy exfiltration of data from corporate endpoints. Allow users to safely copy data only to specific, company-approved USB devices, including ones protected with third-party software or hardware encryption.

Enable security investigations with user activity monitoring (UAM)

Expand your evidence base for security incident investigations and simplify the detection of access privilege misuse by recording user activity based on system state, or DLP policy violations. Record the user’s computer screen together with on-screen actions, keystrokes, and information about applications that were used on the computer during recording, and store it in a central DLP log database for analysis.

Prevent data leaks in remote desktop sessions

Remote virtualization solutions can be used by employees to access business systems via remote terminals or BYOD devices. If data flows between desktop sessions and peripherals redirected from remote terminals aren’t controlled, users can easily transfer data from virtual corporate desktops to their personal devices. With Acronis DeviceLock DLP, you can restrict data flows from centrally hosted virtual desktops and applications to remote terminals and BYODs only when it is needed for the business, while blocking any unnecessary outgoing data transfers — proactively preventing data leakage.

Proactively protect data at rest across the organization

Find exposed sensitive content stored across the organization (corporate endpoints, network attached storage systems, file shares, Elasticsearch databases) and protect it with automatic, configurable remediation actions. Gain visibility and control over confidential “data at-rest” stored across the IT environment for proactive data loss prevention and increased compliance with regulatory and corporate data security requirements.

Stop data leaks at the source with complete endpoint DLP

Acronis DeviceLock DLP provides comprehensive endpoint DLP – discovering and protecting sensitive data while monitoring the operations involving that information.

An enterprise DLP that’s easy to learn, deploy, and manage.

Call sales +1 781 791 4486

Sorry, your browser is not supported.

It seems that our new website is incompatible with your current browser's version. Don’t worry, this is easily fixed! To view our complete website, simply update your browser now or continue anyway.