Joint solution of Safetica and Commvault Edge Drive provides platform for secure data sharing across the company environment. While Commvault Edge Drives ensures that data is securely stored and available at any time Safetica classification and policy settings ensure, that sensitive files are shared only via authorized channels, while allowing the employees to work freely within the secured environment. With detailed auditing features, it provides detailed overview of employee’s workflow and data manipulation.
- Safetica Protection
- Commvault Edge Drive (or on-premise alternative)
File exchange audit:
On computers with Safetica Endpoint Client installed, auditing features are available immediately and do not require any additional settings. With working Safetica Discovery module, files uploaded or downloaded from Commvault Edge Drive will be automatically detected and logged for further purposes.
Securing files downloaded from Commvault Edge Drive:
If the Commvault Edge Drive serves as storage for classified information, Safetica can automatically classify downloaded files. For such setting, follow these steps:
- Open Safetica Management Console
- In Protection module select “Data categories”
- Create new Context category (New Data Category – Data Categorized By – Context rules (expert)).
- Optional: From version 9.3 you can switch to Metadata based categorization.
- Configure the data category:
- Click on Configure data category
- On following screen, navigate to part “Web rules” and click on “Add”
- Select a name for the rule and set Rule mode to “Tagging”
- Specify the domain/IP on which users are accessing Commvault Edge Drive (usually name of the server)
- Optional: specify extension of the files, which will be considered as sensitive
- Click on “Finish”
- Save the settings with checkmark
Restrict the classified data:
- In Protection module select DLP policies
- Create new policy:
- Click on “New policy”
- Define name of the policy and as Policy type select “Data”.
- Now click on Select category and select Data category defined in previous steps.
- Select restrictions for each channel based on your preferences (more info on policy rules can be found in our knowledgebase article).
- Click next and select users on whom the policy will be applied and click “Finish”
- Confirm the policy via checkmark
Scenarios may vary therefore the DLP Policies settings can be variable.
To ensure highest security without disturbing the workflow of the users, we recommend utilization of Zone settings. In zone settings, secure locations for storage of the classified data can be specified, while remaining locations will remain restricted according to the DLP policies.
More info about the joint solution can be found in example video.