Can I securely transfer data from a database direct to the EDM process?

book

Article ID: 160655

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent Data Loss Prevention Network Monitor Data Loss Prevention Network Prevent for Email Data Loss Prevention Enforce Data Loss Prevention Network Prevent for Web Data Loss Prevention Network Protect Data Loss Prevention Endpoint Discover

Issue/Introduction

Secure data transfer

Resolution

Relevant versions:  7.1 and up

Symantec DLP does have some current functionality that 'may' address at least some of the issue.

Symantec DLP 7.1 Utilities Guide* discusses the SQLPreindexer and the Remote EDM Indexer

Briefly:

SQLPreindexer 
The SQLPreindexer utility is always used in conjunction with the Remote EDM Indexer utility. It is installed in the Vontu\Protect\bin directory during installation of the Remote EDM Indexer. The SQLPreindexer utility generates an index directly from a SQL database. It processes the database query and then pipes it to the Remote EDM Indexer utility described in “Remote EDM Indexer” on page 27. Be sure to read the chapter about the Remote EDM Indexer before running the SQLPreindexer since the two utilities are used together.

NOTE: The rows of data that are listed in the error file are not encrypted so the error file should be safeguarded to minimize any security risk from data exposure.

Remote EDM Indexer 
The Remote EDM Indexer is a utility provided by Symantec DLP to convert a comma-separated value or tab-delimited datafile to an exact data matching index. The Remote EDM Indexer is the same EDM Indexer used by the Enforce Server except it is designed to be installed on a machine that is not part of the Symantec DLP server configuration. The SQLPreindexer is often used in conjunction with the Remote EDM Indexer. The SQLPreindexer is used to run SQL queries against SQL databases and pass the resulting data to the Remote EDM Indexer.

Using the Remote EDM Indexer to index a data source on a remote machine offers the following advantages:

  • An additional layer of security is maintained by enabling the owner of the data to index the data instead of the Symantec DLP administrator
  • The system load generated by indexing is shifted to another machine freeing the CPU and RAM on the Enforce Server for other Vontu tasks

Note the following information:

  • For maximum security, the, SQLPreindexer and the Remote EDM Indexer should be located in the same location as the DB box.
  • If the SQLPreindexer is not in the same location, then the data of the SQL database would be transferred in an unsecure pipe.

 

*For versions of Symantec DLP after 10.5, these details are included in the Symantec DLP Administrator Guide.