Home / Use cases / File DLP

File DLP

Ensuring the security of sensitive files is crucial for modern enterprises. Traditional security solutions such as SWGs often fall short in this regard, as they lack visibility of user activity and identity context within the browser. This lack of context can lead to inadvertent data leaks or unauthorised sharing of confidential information.

SquareX’s File DLP provides a comprehensive solution to this challenge by offering advanced, context-aware data loss prevention directly within the browser. It enables enterprises to implement granular policies that control the movement of files based on their source, destination, and content. For instance, SquareX can enforce policies that prevent the upload of sensitive corporate documents to personal cloud storage accounts while allowing seamless access to approved corporate drives.

Block file uploads to non-company Google drive

File upload of company documents to unauthorised websites is a major concern for enterprises. A common example is an employee inadvertently uploading a company document to his personal Google account instead of the company’s. As SquareX has an identity context of the user accessing the application and hence can carry out actions such as allowing uploads of specific files to Google Drive only when the user is logged into their company's account. While this seems like a complicated action, the policy is easy to create with the assistance of SquareX’s policy generating copilot. As an example, simply use the prompt ‘Block source code file upload to drive.google.com when user is not logged into abizzcorp.com’ to generate the appropriate policy. The expected outcome would be:

Block source code uploads to unauthorized file storage sites like Mega.nz

Source code is a critical and sensitive asset for any organization, and its unauthorized upload to public file storage sites can lead to security breaches and intellectual property theft. These platforms may not have adequate security measures to protect the data, making it vulnerable to unauthorized access and exploitation. Admins can use the prompt 'Block source code uploads to unauthorized file storage sites like Mega.nz' to AI generate the policy. The expected outcome would be:

Block file uploads to social networking sites

Uploading files to social networking sites can pose security risks, as these platforms often lack any security controls to protect sensitive information. Preventing file uploads to these sites helps protect against data leaks and unauthorized sharing of corporate data. Admins can use the prompt 'Block file uploads to all social networking sites' to AI generate the policy. The expected outcome would be:

Block file uploads to unpopular domains

Unpopular or lesser-known domains are often used by cybercriminals to host malicious content. Blocking file uploads to these domains reduces the risk of data being exposed to insecure and potentially harmful sites. Admins can use the prompt 'Block file uploads to unpopular domains' to AI generate the policy. The expected outcome would be:

Block file uploads to free hosting sites

Free hosting sites are commonly used by attackers to distribute malware and steal data. Blocking file uploads to these sites ensures that sensitive corporate information is not stored in unsecured and unreliable locations. Admins can use the prompt 'Block file uploads to free hosting sites' to AI generate the policy. The expected outcome would be:

Block file uploads to websites using HTTP protocol

Websites using the HTTP protocol lack encryption, making data transmissions vulnerable to interception and tampering. Blocking file uploads to such sites ensures that sensitive data is only transmitted over secure HTTPS connections. Admins can use the prompt 'Block file uploads to websites using HTTP protocol' to AI generate the policy. The expected outcome would be:

Block file uploads to sites that contain unicode characters in the domain

Unicode characters in domain names can be used to create deceptive URLs that mimic legitimate sites, posing phishing and data security risks. Blocking uploads to such sites prevents accidental data exposure. Admins can use the prompt 'Block file uploads to sites that contain unicode characters in the domain' to AI generate the policy. The expected outcome would be:

Block file uploads to sites with typosquatting domains

Typosquatting involves registering domains that are misspelled versions of legitimate websites, which can be used to deceive users into sharing sensitive information or uploading important files to malicious sites. Blocking file uploads to these domains prevents accidental exposure of sensitive data to attackers. Admins can use the prompt 'Block file uploads to sites with typosquatting domains' to AI generate the policy. The expected outcome would be:

Block .exe file uploads to Google Drive

Executable files (.exe) can contain malicious code and pose security risks if not properly controlled. Blocking their upload to Google Drive ensures that potentially harmful software is not distributed through corporate channels. Admins can use the prompt 'Block .exe file uploads to Google Drive' to AI generate the policy. The expected outcome would be:

Block upload of files that contain credit card information

Uploading files containing credit card information can lead to security breaches and financial fraud if the data is intercepted or accessed by unauthorized parties. Blocking such uploads helps protect sensitive financial data. Admins can use the prompt 'Block upload of files that contain credit card information' to AI generate the policy. The expected outcome would be: