Data Loss Prevention (DLP) in WorkDrive: An Overview
In today’s data-driven world, protecting sensitive information is critical to sustaining customer trust, business continuity, and compliance.
Data loss occurs when sensitive information is exposed, altered, or deleted in ways that compromise its confidentiality, integrity, or availability. Common causes include:
- Accidental leaks from employees unknowingly sharing files externally.
- Intentional data theft through unauthorized access.
- Poor data handling practices, such as allowing unrestricted downloads or prints of sensitive information.
Data loss, whether through accidental sharing, malicious intent, or inadequate security practices, can result in operational disruptions, financial setbacks, and reputational damage.
For organizations and users that handle sensitive information like personal identification details, bank account details, or confidential business documents, a strong data protection strategy is essential. To help organizations secure their data assets, WorkDrive now offers a comprehensive Data Loss Prevention (DLP) feature.
Here's how WorkDrive’s DLP helps protect your data:
WorkDrive’s DLP feature provides a proactive way to secure sensitive information by restricting access and applying controls on data usage. With a DLP policy in place, your organization can prevent unauthorized sharing, copying, printing, or downloading of sensitive information.
Note: Only Team Admins or Super Admins can configure and manage DLP policies from the Admin Console.Automatic classification through DLP policy
Automatic classification helps secure sensitive files by scanning and applying restrictions automatically based on predefined rules. Once the DLP policy is configured and enabled across your team, WorkDrive scans files in real time for sensitive information.
When a sensitive file is identified, the configured restrictions (e.g., preventing external sharing, downloading, copying, or printing actions or displaying a warning when sharing the file externally) are applied automatically. This mode is ideal for teams handling large volumes of sensitive data, as it minimizes human error and ensures consistent data protection.
Stage 1: Set up DLP rules
As an Admin or Super Admin in WorkDrive, you can define rules to protect sensitive files and configure policies for automatic classification. WorkDrive offers three types of content identifiers to detect and secure files:
- Country-specific sensitive content identifiers: Automatically identifies PII like Social Security Numbers (SSN) or national ID numbers specific to a country, ensuring compliance with local regulations.
- File content-based keyword identifier: Analyzes file content for specific keywords or phrases you’ve configured, enabling the classification of files containing sensitive or restricted information.
- File identifier: Allows you to configure specific file names or extensions that identify sensitive files.
Stage 2: Monitoring file edits and uploads
WorkDrive continuously monitors any new files uploaded to your account and updated versions of existing files.
Stage 3: Scanning file content to identify sensitive data, files, or keywords
Once the DLP policy is configured and enabled for your team, WorkDrive scans all content in your account to identify files that match the configured policy.
Stage 4: Applying classification label based on DLP rules
If new or updated files match the configured DLP policy, WorkDrive automatically applies corresponding classification label to those files. Classification labels help you identify files that contain sensitive, confidential, personally identifiable information, and more.
Stage 5: Applying restrictions or warnings for files based on the classification label applied
If a file meets the criteria of the DLP policy, WorkDrive applies the necessary restrictions to prevent external sharing, copying, printing or downloading of that file. This ensures ongoing security for your sensitive data.
Disclaimer: While automatic classification enhances security by identifying and labeling sensitive data automatically, it may not always achieve 100% accuracy. To address this, WorkDrive offers manual classification as an additional layer of control. This empowers users to step in and manually label files that may have been overlooked by automated processes to ensure no sensitive information is left unprotected. Manual classification using Classification Labels
In cases where users need to apply restrictions selectively, WorkDrive offers Manual classification through Classification Labels. This feature allows users to manually apply preconfigured labels to specific files and enforce restrictions only on those files. It provides flexibility by enabling users to secure files based on their context or content.
Stage 1: Configure a classification label
In this stage, the admin or super admin of a WorkDrive team can create classification labels and configure them with specific restrictions, such as preventing external sharing, download, copy, or print actions, or warn users upon external sharing. The classification labels help categorize files containing sensitive, confidential, or personal information.
Stage 2: Apply the classification label by right-clicking on the file
After the labels are configured, members with Edit or higher permission can manually assign a classification label to a file. This is done by simply right-clicking the file in WorkDrive and selecting the appropriate classification label from the available options. This method gives users greater control over file classification so they can ensure that sensitive files are labeled accurately.
Stage 3: Applying restrictions or warnings for the selected file based on the classification label applied
Once a classification label is applied, the corresponding restrictions configured for the label are automatically enforced. These restrictions can include disabling external sharing, preventing file downloads, and restricting users from copying and printing. This ensures that sensitive files remain secure and access is limited based on the organization's policies.
Access your files securely from anywhere
Zoho CRM Training Programs
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
New to Zoho Writer?
Create. Review. Publish.
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.
New to Zoho Survey?
Zoho Sheet Resources
Zoho Forms Resources
New to Zoho Sign?
Zoho Sign Resources
Sign, Paperless!
New to Zoho TeamInbox?
Zoho TeamInbox Resources
New to Zoho ZeptoMail?
Design. Discuss. Deliver.
New to Zoho Workerly?
New to Zoho Recruit?
New to Zoho CRM?
New to Zoho Projects?
New to Zoho Sprints?
New to Zoho Assist?
New to Bigin?
Related Articles
Data Loss Prevention (DLP) Policy and Classification Labels: Limitations
The Data Loss Prevention (DLP) feature in WorkDrive relies on content extraction from uploaded files. DLP classification is performed based only on the extracted content. Currently, WorkDrive supports text and Optical Character Recognition (OCR) ...WorkDrive TrueSync - Release Notes
Download the latest TrueSync app (Windows & Mac OS) Both Windows and macOS components have been upgraded to ensure compatibility with the latest security standards and OS requirements. The updated OS support is as follows: For Windows: X64 based ...WorkDrive Desktop App (TrueSync) - Overview
WorkDrive TrueSync app lets you create a virtual drive of your WorkDrive account in computer to access all your files without actually downloading any of your files. This saves your storage space on the computer. TrueSync also lets you sync files in ...DLP: Supported country-specific sensitive content identifiers in WorkDrive
As an admin or super admin of a WorkDrive team, you can configure data loss prevention (DLP) rules to secure files containing country-specific personally identifiable information (PII), such as Social Security Numbers (SSN) or National ID numbers. ...Create and manage a DLP policy (Automatic classification)
Protecting sensitive data is essential for maintaining business integrity and regulatory compliance. Implementing a data loss prevention (DLP) policy in WorkDrive enables admins to automatically secure sensitive files by preventing unauthorized ...
New to Zoho LandingPage?
Zoho LandingPage Resources