Data loss prevention failed

Hi everyone,

I’ve implemented DLP on the endpoint and try to test using a keyword “salary” it was successful on .rtf, .docx, .txt, .xlsx but when i tried to test while taking a screenshot from snipping tool and save it as PNG then it was unable to stop the transfer of that image containing the keyword salary.

Another case where I put that file in compressed folder and then test it successfully prevent the transfer of that folder BUT when I change the extension of that compressed folder from .RAR to .PNG, again it was unable to stop the transfer of that file.

Since it is the requirement of client and i’m unable to find a reason why it is failing. Desperately need a help, Can anyone please help me??

It is not possible to detect the textual contents of a screenshot unless there is OCR involved, and I don’t know that DLP does OCR scanning.

If OCR is not an option, then it is likely that all image files are being excluded from processing / searching, so it is likely that changing the extension causes it to be excluded even though it should not be. It would be better if it was excluded by MIME type and not just extension.

I have never used DLP, so I don’t know the complete answers.

I don’t have any experience specifically with our specific DLP product, but it needs to be considered as a single tool within layered security, not as the sole tool.