In SearchInform DLP it becomes easier to customize the process of data storage
17.06.2024

From now on, information security officers can flexibly manage the way DLP collects and stores information.

The SearchInform DLP system’s settings for keeping data, which the system collects during monitoring user activity on PCs and the transmission of information via communication channels were updated. New capabilities for managing the storage of data on the system’s operation itself were introduced as well. Due to this, information security officers can control memory consumption on DLP servers and flexibly adapt settings to the needs of the company.

Developers have also expanded DLP log management capabilities, allowing users to manually set the maximum log volume and limit logging by time. For example, you can store logs only for a week or 24 hours; the period is specified arbitrarily.

Usually, the more detailed the log, the more space it takes up. However, now SearchInform DLP offers various logging levels, which means that even the largest log files will not take up more than the allocated server space. Logging can be performed in alternative storages, such as a separate server, by manually specifying the path to the desired directory.

Also, it is possible to optimize system data volume by disabling event logging from agents or SSL connection logging: regular event records will no longer consume space. As a result, the system's hard drive memory usage is reduced, and more space for data gathering is left.

The way DLP system gathers data from different sources can be customized as well. For instance, it is possible to individually configure the volume of files that the system will check when sending to the cloud, via email, etc. This is useful to avoid overloading the system with processing overly large files, particularly media ones.

Besides, the maximum file size allowed for processing has increased, depending on the channel. For example, for Cloud Controller, it is now 2 GB, as large files are often uploaded to cloud services. If such volumes are not required, information security officers can indicate any other values within the available range for the channel.

"We continuously enhance the functionality of our products and strive to simultaneously make them even more user-friendly. It is important for customers to integrate DLP flexibly into their infrastructure. That is why we are providing increasingly extensive customization options, including the capabilities for fine-tuning of  the system’s work organization. Information security officers can optimize the resources used by the system according to their priorities," commented Sergio Bertoni, the Leading Analyst at SearchInform.

ABOUT THE COMPANY

SearchInform is an information security and risk management product vendor as well as an MSS provider. The company's clients are more than 4000 companies in 20+ countries. Today, the team has products and services for comprehensive protection against insider threats at all levels of corporate information systems: FileAuditor (the DCAP class solution); DLP system with extended functionality; Risk Monitor (advanced platform for internal threat mitigation); SIEM system; IS outsourcing service.

Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyberincidents.