Safetica uses DLP policies for data protection on endpoints and for controlling application behavior. Every DLP policy consists of a policy type, policy mode and rules. DLP policies can be set in Safetica Management Console in DLP -> DLP policies.Policy evaluation
DLP policies in Safetica
Posted by Štěpán Horký, Last modified by Dana Balaštíková on 19 May 2020 10:16 AM
DLP policies in Safetica are prioritized and evaluated from the top to the bottom of the DLP policy list. By changing the order of policies, you also change their priority during evaluation.
How DLP policies are evaluated:
Example: When a policy is found with a first-match rule for upload, the assigned action will be performed, and upload will not be evaluated any further. Evaluation will continue, however, for other operations (e.g. for email or external devices). These will be evaluated by policies placed lower in the list until a first match is found.
User-specific exceptions to policies can be set up by creating a new DLP policy, assigning it to the user and placing it above the more general policies. Policy types
There are three types of DLP policies in Safetica:
Note: We recommend placing general and other less strict DLP policies into the lower part of the list. More specific and strict policies can be placed into the upper part.Policy modes
Every DLP policy can be set to 4 different modes which affect how policy rules are applied:
Policy rule overview