DeviceLock DLP is a software solution that prevents data leaks from corporate Windows and Mac computers, as well as virtualized Windows sessions and applications. DeviceLock DLP implements a full-featured set of contextual and content-aware DLP controls over data-in-use, data-in-motion, and data-at-rest designed specifically for protecting corporate endpoints.
DeviceLock DLP leverages a lightweight enforcement agent installed on every protected computer and a central Group Policy MMC snap-in that is adjustable to any size and type of corporate network. Traditional central consoles that can be used for managing Macs, non-AD LDAP environments, and/or Windows workgroups. Running transparently for users and applications in the scope of normal business processes, DeviceLock Agents detect and prevent unauthorized data access and transfer operations on protected computers through local ports and peripheral devices, as well as popular network applications and services. In addition, DeviceLock Discovery can scan files in file systems of Windows computers, file shares, and storage systems in the corporate network, locate documents with exposed sensitive content stored at prohibited locations, and protect them with configurable automatic remediation actions.
Among unique DeviceLock DLP advantages are its agent-resident DPI inspection for port-independent network communications control and built-in OCR engine for detecting textual data in images; document fingerprinting support for detecting unstructured data content; the ability to use Active Directory as its DLP management platform; and its tamper-proof endpoint agent protected against malicious actions by end users and local system administrators.
By effectively preventing endpoint data leaks, DeviceLock DLP helps organizations minimize related information security risks and achieve compliance with corporate data use policies, IT security standards, and government regulations.