Soteria Cloud KB
Soteria Cloud KB
Breadcrumbs

Data Loss Prevention (DLP)

Data Loss Prevention (DLP)

Overview

Data Loss Prevention (DLP) in Acronis Cyber Protect Cloud prevents sensitive data from leaving your organization through unauthorized channels. By monitoring data in motion, at rest, and in use, Acronis DLP identifies and blocks attempts to exfiltrate confidential information, personally identifiable information (PII), intellectual property, and regulated data, helping organizations maintain compliance with POPIA, GDPR, HIPAA, and other data protection regulations.

Key Features

  • Content Inspection - Deep content analysis identifies sensitive data using pattern matching, keywords, regular expressions, and machine learning

  • Pre-Built Compliance Templates - Ready-to-use policies for POPIA, GDPR, HIPAA, PCI-DSS, and other regulatory frameworks

  • Custom Data Identifiers - Define organization-specific sensitive data patterns (employee IDs, project codes, proprietary formats)

  • Multi-Channel Monitoring - Monitor data leaving via email, web uploads, USB devices, cloud storage, and network shares

  • Endpoint DLP - Control data transfers on laptops, desktops, and mobile devices, even when offline

  • Email DLP - Scan outbound emails and attachments for sensitive data; block, quarantine, or encrypt messages

  • Removable Media Control - Block or audit USB drives, external hard drives, and other removable storage devices

  • Cloud Storage Monitoring - Detect uploads to unauthorized cloud services (Dropbox, Google Drive, personal OneDrive)

  • User Notifications - Educate users when they attempt to share sensitive data, with policy explanations and alternatives

  • Incident Management - Centralized dashboard for reviewing DLP alerts, investigating incidents, and generating compliance reports

Soteria Cloud Advantage

Soteria Cloud's DLP implementation is optimized for South African compliance and business needs:

  • POPIA-Focused Policies - Pre-configured DLP rules for South African ID numbers, banking details, and personal information as defined by POPIA

  • Local Data Processing - DLP content inspection occurs in Teraco Johannesburg and Cape Town data centers, ensuring sensitive data never leaves South Africa

  • Compliance Expertise - Soteria Cloud's team provides guidance on DLP policy configuration for POPIA, GDPR, and industry-specific regulations

  • Integrated Protection - DLP works seamlessly with Soteria Cloud's backup and encryption capabilities to protect data at rest and in transit

  • Audit-Ready Reporting - Comprehensive DLP reports demonstrate compliance efforts to auditors and regulators

How It Works

1. Policy Configuration - Administrators define DLP policies specifying what data to protect (e.g., SA ID numbers, credit cards, confidential documents) and which channels to monitor.

2. Agent Deployment - DLP-enabled Acronis agents are deployed to endpoints, monitoring file operations, clipboard activity, and network transfers.

3. Content Analysis - When users attempt to send emails, upload files, or copy data to USB drives, the DLP engine scans content for policy violations.

4. Policy Enforcement - Based on policy settings, DLP can:

  • Block - Prevent the action entirely and notify the user

  • Warn - Allow the action but log the incident and warn the user

  • Encrypt - Automatically encrypt sensitive data before allowing transfer

  • Quarantine - Hold emails or files for administrator review before delivery

5. Incident Logging - All DLP events are logged with details: user, data type, destination, action taken, and timestamp.

6. Investigation & Response - Security teams review DLP incidents, identify patterns of risky behavior, and refine policies.

7. Compliance Reporting - Generate reports demonstrating DLP controls for audits, certifications, and regulatory compliance.

Protected Data Types

  • Personal Identifiable Information (PII) - South African ID numbers, passport numbers, driver's licenses, dates of birth

  • Financial Data - Credit card numbers, bank account details, SWIFT codes, financial statements

  • Health Information - Medical records, patient data, health insurance information (HIPAA compliance)

  • Intellectual Property - Source code, design documents, trade secrets, proprietary algorithms

  • Confidential Business Data - Contracts, M&A documents, strategic plans, customer lists

  • Credentials - Passwords, API keys, authentication tokens, private encryption keys

Compliance Use Cases

  • POPIA Compliance (South Africa) - Prevent unauthorized disclosure of personal information; demonstrate data protection measures

  • GDPR Compliance (EU) - Control cross-border data transfers; protect EU citizen data

  • HIPAA Compliance (Healthcare) - Prevent unauthorized disclosure of protected health information (PHI)

  • PCI-DSS Compliance (Payment Cards) - Block transmission of unencrypted credit card data

  • Intellectual Property Protection - Prevent theft of trade secrets by departing employees or external attackers

Resources