With Aranda Datasafe’s data theft prevention feature, you can configure devices to revoke file access if they don’t connect with Aranda Datasafe within a certain period of time. To revoke a device, Aranda Datasafe removes the device’s encryption certificate.
While a device is being revoked, it cannot be used to access protected data.
You can enable or disable the data theft prevention feature in a policy. When Data Theft Prevention is enabled, all devices using the Policy will need to connect to Aranda Datasafe regularly or they will be revoked.
Prerequisites: Before enabling DLP features, make sure that Active Directory Certificate Services are configured.
The data theft prevention feature is only available if the local file encryption feature is enabled for policy. (It uses the encryption certificate that is generated when using local file encryption.)
To enable or disable data theft prevention:
1. Open the Policy Editor for the Policy you want to change (click Policies and then click Policy).
2. Click on the DLP tab.
3. Use the slider of Data Theft Prevention to enable or disable Data Theft Prevention (green is enabled, gray is disabled).
A message appears reminding you to configure Active Directory Certificate Services (AD CS). We recommend that you configure AD CS before enabling DLP. Click OK to close the message.
4. Use the Revoke if device disconnects for days option to define how long Aranda Datasafe will wait before locking a device.
5. Click Save or Save & Close to confirm.