Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 1666 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Using Sophos to find protected (customer) information.

ofTSB

I was thinking that an AV scanning engine would be a great tool for locating instances of data of interest on all of the PCs in an enterprise.  For example, financial institutions need to be able to identify where in the enterprise its customer data is being stored.  It would be nice if we could have a text file containing "regular expressions", one per line, to describe things like credit card numbers, social security numbers, and the like, that the scanning engine would include when doing its regularly scheduled full volume scans and report on through the enterprise console and/or scanning logs.  Would that be possible?

:8775


This thread was automatically locked due to age.
Parents
  • 0

    HI,

    Well DataControl does pretty much all of that however it's not something that can be scheduled to run in the same was as a AV scan to find the documents.  It can be configured to find the documents that match your expressions should they be:


    1. Opened by Firefox, IE, Outlook, Lotus Notes, Windows Mail, Webex, Microsoft communicator, Adobe Flash file uploader.

    2. Copied to Removable storage, optical or floppy disk.

    The number of "applications" sometimes gets updated, Webex and Adobe Flash file uploader were not in the original release so it can be updated.

    I'm trying to think of the potential performance hit of a scheduled scan, scanning potentially (depending on the rules) the contents of thousands of documents with regex.  It would be pretty slow I fear.  Doing it real-time before being opened by an application is potentially bad enough but usually it's only one file at a time and the nature of the actions do not typically need to be that quick.  

    I would suggest contacting Support with a feature request to maybe configure a data control scheduled scan, it can't hurt :)

    Thanks,

    Jak

    :8781
Reply
  • 0

    HI,

    Well DataControl does pretty much all of that however it's not something that can be scheduled to run in the same was as a AV scan to find the documents.  It can be configured to find the documents that match your expressions should they be:


    1. Opened by Firefox, IE, Outlook, Lotus Notes, Windows Mail, Webex, Microsoft communicator, Adobe Flash file uploader.

    2. Copied to Removable storage, optical or floppy disk.

    The number of "applications" sometimes gets updated, Webex and Adobe Flash file uploader were not in the original release so it can be updated.

    I'm trying to think of the potential performance hit of a scheduled scan, scanning potentially (depending on the rules) the contents of thousands of documents with regex.  It would be pretty slow I fear.  Doing it real-time before being opened by an application is potentially bad enough but usually it's only one file at a time and the nature of the actions do not typically need to be that quick.  

    I would suggest contacting Support with a feature request to maybe configure a data control scheduled scan, it can't hurt :)

    Thanks,

    Jak

    :8781
Children
No Data