search cancel

GPG encrypted file type detection in DLP

book

Article ID: 253348

calendar_today

Updated On:

Products

Data Loss Prevention

Issue/Introduction

How can the GPG encrypted file type be detected with Symantec Data Loss Prevention (DLP)?

 

Resolution

Currently, DLP has no default policy template to detect GPG-encrypted file types.
A feature request has been submitted to the Product Manager to add this functionality.
If you require this functionality, open a support case and reference this KB.
Ask that your case be added to the feature request.

Our policy template, Encrypted Data" has a rule for "GPG File (Keyword Match)".
However, that rule does not detect GPG encrypted file types without those keywords.

Also, the "OpenPGP Message Format" > "Encryption Formats" > "File Type Match" policy template does not detect the GPG encrypted file types.

Until such a policy is available, use a custom file type signature to detect GPG encrypted files.
If you need assistance creating the custom file type signature, engage our Professional Services for assistance.