Global Application monitoring of end to end encrypted apps

book

Article ID: 222751

calendar_today

Updated On:

Products

Data Loss Prevention Enterprise Suite

Issue/Introduction

What is DLP's ability to monitor any app which is end to end encrypted.

Environment

Release : 15.8

Component :

Resolution

Any E2EE application or device by design is difficult to intercept and inspect.  Without having access to the apps certificates, its not feasible to monitor the app.  While it varies from app to app, in general DLP is only going to be able to monitor file uploads into the app since that is handled by the OS rather than the app itself.  Any in-line messaging, paste action, information on the users connecting to rooms in the app or sending/recieving messages (such as internal vs external users) will likely not be possible to monitor by DLP.