Symantec File Share Encryption can be integrated into Symantec Data Loss Prevention to ensure files are encrypted when they need to be. Because File Share Encryption offers a seamless experience to end users on encrypted files, this is an optimal use case to secure files that reside on a CISF fileserver. The attached document will go over this information.
Using the Symantec DLP Flex Response Plug-in with Symantec File Share Encryption can allow for the following functionality:
*DLP detection of sensitive files will trigger the Flex Response Plug-in (flrinst.exe), which then invokes File Share Encryption to encrypt the files.
*Sensitive Files in transit can be automatically encrypted with File Share Encryption that match DLP Prevention detection rules, even when files are not in an encrypted share.
*Files encrypted with Symantec File Share Encryption enforced by the DLP Flex Response Plug-In can still be scanned for sensitive content once encrypted.
See the Symantec Data Loss Prevention Encryption Insight Implementation Guide for more information.
Although the version of this document is for version 10.2, the current version of Symantec File Share Encryption concepts are still the same and still apply.
As of the writing of this document, the current version of Symantec File Share Encryption is 10.5 with Symantec Encryption Management Server 10.5.
The location of the File Share Encryption "nsplugin_flexresponse.zip" is in the following directory where Symantec File Share Encryption is installed:
C:\Program Files\PGP Corporation\PGP Desktop
Once extracted, the nsplugin_flexresponse.py script will be used by DLP to perform needed encryption operations.
For information on DLP Integration with Symantec Encryption Management Server, consult the User's Guide for Symantec Encryption Desktop 10.5 under Chapter 11 - Using File Share Encryption", under "Integrating with Symantec Data Loss Prevention".
To see the current version of all Symantec Encryption products, see the following article: