Data Loss Prevention (DLP) Policies are controls that Company Managers can enable in order to restrict what users can do in Venn's Blue Border™. You may choose to put these policies in place to prevent company information and files with sensitive data from being lost, misused, or accessed by unauthorized users.
Learn about available DLP Policies for mobile devices.
How Data Loss Prevention Policies Work
As a Company Manager, you can set Default DLP Policies, which are applied to all Venn users as a baseline. Your company's Default Policy sets the standard Data Loss Prevention (DLP) controls that apply to all Venn users by default.
You can also create Policy Overrides, which allow you to set DLP Policies that supersede the default policy for a single user or a group of users. Policy Overrides can be created for an individual user by name, for a user group, or for an IP address.
For example, if you want to prevent contractors from copying and pasting company information from inside of Venn to outside, you could set up the following using the Move and Paste DLP Policy:
- Default: Set your Move and Paste DLP Policy as unrestricted
- Override: Create a policy override for your contractor group and set the Move and Paste DLP Policy to restricted for that group
If a user qualifies for more than one Policy Override, Overrides will be prioritized in the order in which they appear in the list of Overrides. Overrides listed higher on the list will supersede any Overrides listed lower on the list.
How to Configure DLP Poicies
As a Company Manager, you can manage your company's Data Loss Prevention (DLP) Policies on the DLP Policy page in Company Admin. Learn how to configure and manage Data Loss Prevention Policies for your company.
Available DLP Policies for Desktops and Laptops
-
Not sure which DLP Policies you want to enforce?
Download this planner to review with your IT and Security teams.
| Policy | Settings | Venn Best-Practice Recommendation |
|
Controls the network path for apps running in Blue Border. |
Restricted: Users' network traffic is encrypted and routed through the Private Company Gateway except for the exception list configured by the Company Manager. Unrestricted: Network traffic is not routed through by Private Company Gateway. Users' internet traffic will not be encrypted or subject to your Web Policies. |
Enable exclusions and advanced options as needed. Click here to learn more. |
|
Controls the ability to print from apps running in Blue Border. Note: This policy is only enforced on Windows devices. It does not restrict "Print to PDF" functionality. |
Restricted: Users cannot print. Unrestricted: Users can print to any printer. |
Choose the appropriate setting depending on your organization's workflows. |
|
Controls the ability to share, record, or screenshot app windows open in Blue Border. Note: This policy is only enforced on Windows devices. |
Restricted: Users cannot share app windows unless you enable them to share with a business reason. Unrestricted: Users can share any application window. |
Allow employee monitoring or remote support tools to view and record inside Blue Border if needed. Click here to learn more. |
|
Controls the ability to copy-and-paste or drag-and-drop from inside Blue Border to outside. Note: This policy does not restrict the ability to drag/drop and copy/paste to move data into Blue Border. |
Restricted: Users cannot move data outside of Blue Border. Unrestricted: Users can move data outside of Blue Border. |
|
|
Controls the browser policies applied to browsers running in Blue Border. |
Custom: Custom browser policies have been applied. Default: No custom browser policies have been applied. |
Identify and test browser policies you would like to implement for Chrome and Edge within the Venn Blue Border environment prior to onboarding end users. |
|
Controls system settings applied to the registry in Blue Border. Note: This policy is only enforced on Windows devices. |
Restricted: Custom registry settings have been applied for the Secure Enclave on Windows devices. Unrestricted: No custom registry settings have been applied. |
Identify and test registry settings you would like to implement to control or customize specific application behaviors within the Venn Blue Border environment prior to onboarding end users. |
|
Controls the ability to upload files in browsers running in Blue Border. Note: This policy is only enforced on Windows devices. |
Restricted: Users are not allowed to upload files except to domains in the exception list configured by the Company Manager. Unrestricted: Users are allowed to upload files to any domain. |
Depending on your organization's workflows, choose Restricted to prevent users from uploading files (except to domains specified) or Unrestricted to allow users to upload files to any domain. Enable exclusions as needed. Click here to learn more. |
|
Controls which file storage solution(s) are available in Venn, the default file save and download location, and whether or not users can save files to locations outside of Venn. Note: If you do not assign any of the file storage options, the only encrypted storage location protected by Venn on your users' devices will be Venn Disk, a temporary storage location that is not backed up to the cloud. |
Restricted: Configured. A file storage assignment has been selected and/or data is not allowed to be saved or moved out of Venn. Unrestricted: Not configured. No file storage assignments have been selected and data is allowed to be saved or moved out of Venn. |
Depending on your organization's workflows, configure file storage options.
|
|
Controls access to Google Suite and Microsoft 365 software suites in Blue Border. |
Restricted: Configured. Access to Google Workspace and/or Microsoft 365 accounts is allowed in Blue Border. Unrestricted: Not configured. Access to Google Workspace and/or Microsoft 365 accounts is not allowed in Blue Border. |
Depending on your organization's workflows, configure account access options. For each software suite:
We do not recommend choosing Allow access with any account unless this is required for your organization's workflows. |