The Digital Guardian Platform from Fortra (formerly HelpSystems, acquired in late 2021) is a cloud-delivered data protection platform purpose-built to stop data loss by both insiders and outsiders on Windows, Mac and Linux operating systems. Additionally, Digital Guardian User Activity Monitoring enables users to detect, investigate and mitigate suspicious user actions to ensure sensitive data doesn’t get out. And Digital Guardian for Data Discovery provides visibility and auditing of sensitive…
N/A
Microsoft Purview Data Loss Prevention
Score 7.7 out of 10
N/A
Microsoft Purview Data Loss Prevention is used to provide intelligent detection and control of sensitive information across Office 365, OneDrive, SharePoint, Microsoft Teams, and on the endpoint. It also helps prevent data loss through identifying and preventing risky or inappropriate sharing, transfer, or use of sensitive data on endpoints, apps, and services.
Digital Guardian has excellent data-preventing solutions, which locate and protect [that] database that [is] super sensitive. More so, Digital Guardian offers complete coverage of endpoint safety and network monitoring. Again, Digital Guardian has a team of elite professionals, who screens and detect any cyber threats. Finally, Digital Guardian has improvised and detailed attack response, very efficient in making the right controls.
Business to business collaboration. I think Purview is a hero, especially in organizations where you need to protect the data flow and you need to enforce data flow protections that you put in place. When you're doing business to business, you have people from other businesses that are invited into your tenant and they're going to be doing work and collaborating for bids or whatever it may be. With Purview it stops and makes sure that all those new people that may not be accustomed to the way that you do things don't have access to what they need to and they only the things they do. You're not stalling productivity and you're creating protections. I think it's great.
Email data leaks - DLP software must prevent certain actions to work well. Let's say you try to copy and paste an SS # to an email, or upload sensitive data to your personal email account. Guardian Edge can prevent that, and then alert administrators that it happened
Unauthorized file copies - Guardian Edge can also prevent users from copying files from a sensitive restricted area to somewhere else where they might be able to more easily exfiltrate it. A good example would be from a company file share to a less secure server or their own home drive
Alerting Administrators of suspicious activities - Any time a user uploads a file to an upload service or personal email, it is logged and reported as an event to be reviewed. If it found nothing in scanning the data, it will still notify you that it happened so you can review it yourself to confirm it wasn't a false negative.
It's a great product from an information protection perspective, as it can identify different types of data across tons of different locations.
It's great at applying standard regulatory frameworks, like HIPAA, to management actions so you can work towards being as compliant as possible.
The eDiscovery tools are very helpful when it comes to managing legal holds and discovery requests, as it's simple to freeze accounts or hold at points in time for discovery.
Overall, Microsoft DLP is not my number one choice because there's not much flexibility. There's a lot of restrictions and the way they set up rules a lot really restrictive. Thus it takes a lot more time for my team to build the rules and establish the controls as needed. So it's very clunky in that way and they have not improved it over the years, but I know they're trying to get a better, however it takes time because Microsoft, as we all knows, not a really security centric company.
DG is the only DLP platform I've used at my current employer. I used it at my previous employer as well, and we ended up abandoning future deployments of it due to many problems caused by it, especially with web browsers. This was in 2015, rather than the 2018 version I used with my current employer, but I feel it still warrants mentioning. DG works great...when it works. When it doesn't, it's a disaster.
There are much more comprehensive and granular DLP solutions out there like Trellix and Sophos but ultimately they are expensive and require significant administrative oversight for implementation and deployment. For a company of our size, they are just not economically feasible. We purchased out 365 E5 tenant with Purview DLP integration from a reseller at a price that we couldn't compete with vs a standalone enterprise product.