DeviceLock DLP
Stop data leaks at the source with
the complete Endpoint Data Loss Prevention (DLP)
An enterprise DLP that’s easy to learn, deploy, and manage
Acronis DeviceLock DLP provides comprehensive endpoint DLP (endpoint data loss prevention) – discovering and protecting sensitive data while monitoring the operations involving that information.
Minimize insider threats
Prevent data leakage due to employee negligence or malicious insiders by blocking any unauthorized attempt to access or transfer data, discovering and protecting sensitive data-at-rest.
Gain visibility into data protection
Reduce the complexity of data protection and cut reporting times with a single DLP solution for thorough visibility over data flows and user behavior.
Enforce process compliance
Reduce information security risks and comply with IT security standards and regulations by enforcing data use and handling policies that users can’t avoid following.
Free DeviceLock Information Kit
Get first-hand information and use cases to discover how DeviceLock discovers and protects sensitive data while monitoring the operations involving that information.
Download Information Kit Now
Minimize data loss and increase efficiency of data protection
Reduced complexity
Save the time and hassle associated with managing a DLP solution. Acronis DeviceLock DLP is easily deployable through Active Directory (AD) and offers various central management consoles, based on your organization’s requirements.
- Centralized management
- Native integration with Group Policy
- Non-interruptive updates and upgrades
Increased productivity
Gain visibility over data protection and increase compliance with monitoring of end-users actions and data flows, as well as built-in reporting capabilities. Control costs for DLP cybersecurity by purchasing only the functionality you need.
- User activity monitoring and log collection
- Built-in log record viewers and reporting tools
- Modular architecture to control total cost of ownership (TCO)
Improved data loss prevention
Minimize the risks related to insider threats. Allow only the legitimate operations necessary for business processes and block any unauthorized activities with enforced policies that users cannot bypass.
- Control over data flows in local and network channels
- Content analysis and filtering
- Granular control over allowed legitimate actions and processes
Control costs with modular architecture
Acronis DeviceLock DLP is comprised of different modules that serve as complementary functional components with incremental licensing to protect data-in-use, data-in-motion, and data-at-rest. Only purchase the functionalities that your business needs for DLP security.
Acronis DeviceLock DLP – Endpoint DLP
The fundamental, baseline component of Acronis DeviceLock Endpoint DLP to prevent leakage of data-in-use with context-aware controls over local data flows through ports, peripheral devices, and virtualized sessions.
Protect data-in-motion with controls over data access and transfer operations through network channels, based on the operation’s context.
Prevent unauthorized usage and transmission of confidential data, even in images or unstructured data, through content-aware controls over both local and network channels.
Monitor end-user activity, keystrokes, and running processes on the endpoint based on DLP-related events for security investigations and auditing purposes.
Ease auditing, investigations, and forensic analysis with full-text searches in the central event and shadow log database, populated by Acronis DeviceLock DLP agents.
Acronis DeviceLock Discovery
A standalone product that reduce the risk of data loss with automatic discovery of exposed sensitive data at rest – protecting it with configurable remediation actions, alerting admins, logging, and reporting.
Data loss prevention for virtualized sessions
With Acronis DeviceLock DLP, you can bring data loss prevention capabilities to streamed desktops and applications, as well as local virtual machines on hypervisors. This way you can prevent data leaks in BYOD implementations based on remote virtualization. The DLP controls are enforced on the edge of the virtual platform to control data exchanges between the virtual workspace and the personal part of the BYOD device, its local peripherals, and the network.
Supported solutions
Microsoft RDS, Citrix XenDesktop, Citrix XenApp, VMware Horizon View, VMware Workstation, VMware Workstation Player, Oracle VM VirtualBox, Windows Virtual PC
Supported controls
Context-aware and content-aware controls, logging, data shadowing and alerting for thorough DLP security over virtualized sessions
No leakage of corporate data
IT retains complete control over virtual corporate environments on employees’ personal devices
Private data independency
Employees maintain full control over the device platform, personal applications, and their private data
Comprehensive data loss prevention capabilities
UNIQUE
Centralized management and deployment
Ease the resource-consuming processes of deploying and managing an enterprise DLP solution. Acronis DeviceLock DLP offers a set of central management consoles based on an organization’s IT environment, along with the ability to manage and deploy natively through Group Policy.
UNIQUE
Agent-resident optical character recognition (OCR)
Extract and inspect textual data from more than 30 graphical formats, including graphical files, screenshots, pictures in documents, emails, and instant messages. Improve DLP cybersecurity on endpoints both inside and outside the corporate network.
Clipboard control
Prevent unauthorized data transfers at their earliest stage – between application and documents – through the Windows clipboard and print-screen mechanism. Block specific operations, such as print-screen, or granularly control them based on copied content.
Log collection
Automatically collect audit and shadow logs and deliver them to the secure central repository to ease security investigations and auditing, thanks to Acronis DeviceLock DLP agents. Traffic shaping and data compression for log delivery and load-balancing help reduce network impact.
Alerting
Shorten reaction times with real-time SMTP, SNMP, and SYSLOG alerts based on unauthorized actions delivered directly to SIEM systems and administrators.
Tamper protection
Prevent tampering with DLP policy settings locally on protected endpoints, even by local sysadmins. When enabled, only designated Acronis DeviceLock DLP administrators using the central management console can uninstall, upgrade the agent, or modify DLP security policies.
Allowlisting
Authorize the use of specific USB devices or provide a temporary access code for offline work purposes. Allowlist media storage devices and users that can access them. Specify allowlist-oriented controls over network communications based on protocol and network application properties.
Reporting
Gain visibility over data flows, data protection, and user activities related to them with powerful built-in compliance-related reports based on audit and shadow logs, permissions and settings, connected plug-and-play devices, and user activities.