Endpoint Data Loss Prevention

Information Protection


Protect against data loss at the endpoint

Proofpoint Endpoint Data Loss Prevention (DLP) takes a modern, people-centric approach to protecting your data. It provides you with integrate content awareness and behavioural and threat awareness. This gives you granular visibility into your users’ interactions with sensitive data. Detect, prevent and respond to data loss incidents in real time. Endpoint DLP builds on our proven leadership in email threat protection and insider threat management. All so you can reduce your data loss risk—without reducing your users’ productivity.

Proofpoint Solution Brief Cover

Endpoint DLP and ITM Solution Brief

Learn how we protect from endpoint data loss, simplify incident response, and accelerate time to value

Download Solution Brief

Context

People-centric insight

Get critical context around risky data movement as it happens—not just after it has occurred. Endpoint DLP helps determine key questions such as:

  • Is the data sensitive for my organisation?
  • Who moved the data?
  • Where did the data originate?
  • Where did it go?

Real-time visibility helps you correlate, detect, prevent and resolve data loss incidents before they can cause lasting harm.

Detect

Data loss detection and analytics

Detect risky data movement across and out of your environment with an out-of-the-box data loss rules engine. This allows you to identify sensitive data through scanning content in motion and reading data classification labels, such as from Microsoft Information Protection. You can also integrate our data-activity telemetry into your broader threat-hunting programs.

Prevent

Data management and control

Prevent risky data movement from the endpoint, including transfers to and from USB devices and cloud sync folders. Endpoint DLP makes it easy to stop out-of-policy data usage and movement. You can concentrate prevention based on several factors. These include users, user groups, endpoint groups, application names, USB device ID/serial number, USB vendor, data classification label, scanned content match and source URL.

Respond

Data loss incident response

Our built-in incident-management workflows are tailored for endpoint data loss caused by users. All telemetry collected is visualised in timelines so you can always the answer ‘who, what, where, when and why’ behind each event and alert. These visual timelines also turn into evidence for deeper investigations with Insider Threat Management (ITM). And this allows you to collaborate easily with HR and Legal with evidence that is free of cybersecurity jargon.

Architecture

Integration with Enterprise DLP and Insider Threat Management

Endpoint DLP runs on the cloud-native Information and Cloud Security platform. Its modern architecture is built for scale, analytics, security, privacy and extensibility. It shares a lightweight endpoint agent with Proofpoint Insider Threat Management. And that means you can extend your visibility and controls across data loss and insider risks without slowing down you users.