Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 0 subscribers
  • Views 24794 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Confidential information doubt

RPLF

Hi all,

I´m beggining to work with the Sophos DLP, so excuse me if my questions are considered to be "basic" :)

A new SEC customer have several xlsm files containing VBA code on it. They want to make sure that only this files are protected by DLP.

Most of the machines are Win7 using Outlook 2007/2010, however some Win8/Outlook2013 are also being used,

Those files don´t contain any particular message that we can use as a content filter rule criteria, so i was trying to use a File Type Rule using "Script/Markup", but despite it blocks those files, all the xlsx are also blocked (i´m assuming that this, is because XML is "contained" on the File Type.

Can you please help me to understant, if my approach to the issue is the best one, or does the customer has to create some data inside every spreadsheet that we can use as a "filter".

Thanks in advance,

:40991


This thread was automatically locked due to age.
Parents
  • 0

    Hi Christian,

    Thank you for your reply.

    The main reason for the customer wants to block these files to the outside, is manly due to "proprietary" code made on those VBA. Their objective is that those files are never sent to the outside (email, external storage, http, skype, etc).

    On this early stage (they are just trying it) we are using block by file type, but it would be great if you could lead me in what ways we could use to produce (as you reffer) a "immutable" identifier - we were thinking to create a string on those spreasheets, to allow us to create a content filter rule that we could use to block that data).

    :41085
Reply
  • 0

    Hi Christian,

    Thank you for your reply.

    The main reason for the customer wants to block these files to the outside, is manly due to "proprietary" code made on those VBA. Their objective is that those files are never sent to the outside (email, external storage, http, skype, etc).

    On this early stage (they are just trying it) we are using block by file type, but it would be great if you could lead me in what ways we could use to produce (as you reffer) a "immutable" identifier - we were thinking to create a string on those spreasheets, to allow us to create a content filter rule that we could use to block that data).

    :41085
Children
No Data
Unfiltered HTML