Detecting sensitive file downloads

This page includes the following topics:

• Detecting sensitive file downloads
  • About detecting sensitive file downloads
  • Implementing detection of sensitive file downloads

About detecting sensitive file downloads

You can configure ABS to issue an alert when a significant number of files containing sensitive data is downloaded. This DLP functionality helps to detect insider threats within your organization, typically known as "sensitive data exfiltration".

Triggers

• The downloaded files must contain sensitive content, such as social security numbers and credit card numbers.

• At least 10 files must be downloaded within a 24-hour period.

• The downloaded files can be pdf, doc, or docx files - all other file types are not scanned for sensitive data content.

Email notifications

• When a detection is triggered, an email alert is sent to the organization's escalation contacts. [See Escalation contacts]

  The email includes sufficient information to enable the suspected data leak attempt to be investigated.

Cases in Perception Point X‑Ray

• When a detection is triggered, an entry is added to the Cases page in Perception Point X‑Ray. For details on the Cases page, see Cases.

• The title of the cases that are added to the Cases page is "Sensitive file downloads".

Implementing detection of sensitive file downloads

For information enabling detection of sensitive file downloads in your organization, contact Perception Point Support [support@perception-point.io].

See also: 

• Managing Advanced Browser Security