There can be motivation for end users to circumvent, disable, or otherwise avoid the attentions of the CA DLP endpoint agent. Endpoint agents include various email, browser, and application plug-ins and other CA DLP components, including the collection manager (WgnCM) and the CA DLP infrastructure service (WgnInfra).
Important: We recommend one single measure above all others to reduce or eliminate the risk of users tampering with your CA DLP endpoint agent installation: Ensure that users are not given local administrator privileges over their workstations, and that they do not have access to an account with such privileges.
Read this guide before installing CA DLP, because some security decisions have an impact on your choice of deployment options.
Most customers already employ methods to limit the ability of users to reconfigure their clients. To ensure maximum compatibility with such methods, the CA DLP endpoint agent does not automatically enable the techniques suggested in this document. However, you can add an extension to the installation process to invoke these techniques automatically.
Contact CA Technologies to discuss your requirements.
The following sections describe further measures that you can use to control the risk.
|
Copyright © 2012 CA.
All rights reserved.
|
|