Data loss prevention in Zoho Cliq

Data loss prevention in Zoho Cliq

Data is prone to leaks and theft, especially when it involves external parties. With Zoho Cliq's DLP, you can implement organizational strategies to help reduce data leaks and theft across your organization. Getting started is easy—simply create a DLP policy within Zoho Cliq to safeguard your data and enhance security throughout the organization.
InfoInfo: This feature is available only in the Zoho Cliq Enterprise plan.

Where do I find this in the admin panel?   

Navigate to the Admin Panel -> Data Administration -> Data Loss Prevention.
The DLP module is divided into three sub-sections, such as:
  • Policies
  • Sensitive information types
  • Alerts

Policies   

Policies are defined to ensure how sensitive data should be handled, monitored, and protected in an organization. They protect a wide range of sensitive information types and set rules tailored to your requirements.

Active and inactive policies   

By default, you can view the list of active policies that are currently enforced in the organization and also convert active policies to inactive policies, or vice versa.

Create a policy   

Select the create policy button under Policies to create a policy and follow the below steps.
Step 1: Select Category   
Select a category from the below options:
  1. Existing template
    When selecting templates, you'll see three predefined categories: Privacy, Finance, and Healthcare. Each category includes policies for five regions: India, the US, Australia, Canada, and the UK. You can choose a template from these categories or create a custom policy.
  2. Create from scratch
    You can create a custom policy by selecting the Create from scratch option.  
Step 2: Policy details   
The next step would be to add policy details such as policy name and description.

Sensitive information types     

Sensitive information types are categories or classifications of data that are valuable, critical, and confidential and need measures to protect them.

Default and custom      

Zoho Cliq has some predefined sensitive information types that you can select from. You can also create your own sensitive information type.
To create a sensitive information type:
  1. Select Add New Sensitive Information Type.
  2. Add a name and description, then choose a primary method.
  3. You can either enter a regular expression or provide a set of keywords, separated by commas.
Notes
Note:
  1. If any keyword from the set matches, the DLP action will be triggered.
  2. Alternatively, you can upload a file as a dictionary as the primary method.
  3. The file you import should be only of the '.txt' format.
Step 3: Update sensitive information types and rules   
Add sensitive information type   
If you've selected a template, the associated information types will be automatically added.
You can also add additional information types to the template.
To protect specific data relevant to your organization, you have the option to create custom information types as needed.
If you have selected existing templates, the list will be updated. Otherwise, you can add a sensitive information type here. You can create your own sensitive information types depending on the kind of organization data you want to protect.
If you are creating a policy from scratch, you ll have to select at least one sensitive information type and click Add.

Create  DLP rules

Rules are sets of criteria and conditions that are used to define how sensitive data should be protected in an organization. You can create up to five rules for a policy. To create a rule, you'll need to define the following:
  • Rule name: Add a name to the rule.
  • Select users: You can select all users or apply the rule to specific users/roles/departments.
  • Select chats: You can select all chats or apply the rule to specific chat types from the options.
  • Select actions: You can select the following actions that can be performed on a message when the rule is met: Block, Block & allow only after approval, Block & allow override, and Allow and audit. 

How rules work? 

In a DLP policy, you can apply rules to all users or select specific users, departments, or roles. Multiple rules can also be added to a single DLP policy.
When a DLP policy includes multiple rules with different user selections and actions, the rule with the most restrictive DLP action will be enforced.
If there are multiple policies with single rules, the policy with the most restrictive action will apply.
Example:
In a DLP policy:
  • Rule 1: Engineering DepartmentBlock
  • Rule 2: HR Admin RoleAllow
How it works: If a user belongs to both the Engineering Department and has the HR Admin role, they will still be blocked from sending sensitive information because the most restrictive action (Block) is applied.
 
Once the sensitive information types are added and the rules are set, you can select Next.
Step 4: Alerts   
The organization admin can choose whether they or other admins should be notified when a rule violation occurs in chat. The admins selected in the 'Notify admin' field will receive a policy violation alert message. Here, you can specify the alert severity and add a policy tip to be displayed to the user who violates the policy.

Notes
Note:
  • Alert severity works as a reference to help organization admins categorise the importance of each DLP policies in better way.
  • Admins can select "Low, Medium, or High" in the severity option. This will create visual distinction in the Alert module's listing, helping to filter out alerts with "high" priority.
When a user sends a message that violates a policy, the selected organization admins will receive an alert message. 
Step 5: Preview   
Once all the details are defined, you can preview the policy before creating one.

Types of actions for handling sensitive data:  

  1. Block

    • This is the recommended action for managing sensitive data. When a rule is set to "Block," users are prevented from sending messages containing sensitive information as defined by the policy.
    • User experience: If a user attempts to send a message that violates the policy, the message will be sent but it will be masked, and a policy tip will be displayed explaining the restriction.
 Web 
 Android 
 iOS
 
  1. Block and allow only after approval

    • This action blocks messages that violate the policy but allows them to be sent after the admin's approval.
Android 
 iOS
 
    • Admin options:
      • Approval requirement: Admins can mandate a valid reason for approval.
      • Notifications: Admins can opt to receive notifications about these approval requests in the alerts section.
    • User experience: In the chat location, users will see an info that their message is blocked and is pending approval.
    • Upon admin approval, the message sent will be visible and an info will be displayed that 'This message, ideally blocked by DLP policy restrictions, has bypassed the policy and has been sent' in the message.
    • Upon admin decline, the message will be blocked permanently, and an info will be displayed that 'The request for approval to send this message blocked by DLP policy restrictions, has been rejected' in the message.
  1. Block and allow override

    • This action blocks messages that violate the policy, but allows users to override the block and send the message after providing a reason.
Web 
 Android 
 iOS 
    • Admin options:
      • Approval requirement: Admins can mandate users to provide a reason to override.
    • User experience: Users will see a notification that their message is blocked due to the DLP policy. They can choose to override the block, provide a reason, and send the message. A notification will be displayed that 'This message, ideally blocked by DLP policy restrictions, has bypassed the policy and has been sent.
  1. Allow and audit

    • This action allows users to send messages that violate the policy but logs these messages for audit purposes.
    • User experience: Users can send their messages without interruption. However, each message is logged in the alerts log for auditing and review by admin. 

Alerts   

In the alerts section, you'll find a list of all instances where users have violated a policy. You can filter this list based on various criteria, including policies, sensitive information, users, alert severity, and status. If an entry in the list is highlighted, it means the user has sent a message for your approval.
You can view all the pending alerts left when users send a message and request for your approval. You can either approve or decline the request.

Notes
Note:
We'll be syncing the status of DLP policies of chats/users every 15 minutes. When a new DLP policy is added or when updating an existing policy & a sensitive message is sent within the 15 minute time-frame, the DLP action may not be implemented completely.
 



    Access your files securely from anywhere

      Zoho CRM Training Programs

      Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.

      Zoho CRM Training
        Redefine the way you work
        with Zoho Workplace

          Zoho DataPrep Personalized Demo

          If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.

          Zoho CRM Training

            Create, share, and deliver

            beautiful slides from anywhere.

            Get Started Now


              Zoho Sign now offers specialized one-on-one training for both administrators and developers.

              BOOK A SESSION









                                            You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.




                                                Manage your brands on social media

                                                  Zoho Desk Resources

                                                  • Desk Community Learning Series


                                                  • Digest


                                                  • Functions


                                                  • Meetups


                                                  • Kbase


                                                  • Resources


                                                  • Glossary


                                                  • Desk Marketplace


                                                  • MVP Corner


                                                  • Word of the Day


                                                    Zoho Marketing Automation

                                                      Zoho Sheet Resources

                                                       

                                                          Zoho Forms Resources


                                                            Secure your business
                                                            communication with Zoho Mail


                                                            Mail on the move with
                                                            Zoho Mail mobile application

                                                              Stay on top of your schedule
                                                              at all times


                                                              Carry your calendar with you
                                                              Anytime, anywhere




                                                                    Zoho Sign Resources

                                                                      Sign, Paperless!

                                                                      Sign and send business documents on the go!

                                                                      Get Started Now




                                                                              Zoho TeamInbox Resources



                                                                                      Zoho DataPrep Resources



                                                                                        Zoho DataPrep Demo

                                                                                        Get a personalized demo or POC

                                                                                        REGISTER NOW


                                                                                          Design. Discuss. Deliver.

                                                                                          Create visually engaging stories with Zoho Show.

                                                                                          Get Started Now









                                                                                                              • Related Articles

                                                                                                              • Cliq Cart

                                                                                                                Cliq Cart is a nifty e-commerce tool crafted for your organization and teams to seamlessly browse, purchase, sell, and even host auctions without leaving Zoho Cliq. Whether you're searching for essential office supplies, showcasing your latest ...
                                                                                                              • Data storage compliance in Zoho Cliq

                                                                                                                Zoho Cliq is a GDPR-compliant service that ensures your personal data remains secure. We follow all the security compliance regulations and make sure that your data is stored and handled within your geographic region. We follow this pattern not just ...
                                                                                                              • Zoho Writer for Cliq

                                                                                                                Available Regions: US, IN, EU, AU.Available Plans: All plans.Available To: Roles                    Entire organization                         Team      Organizational Admins  ✔  ✔ Members    ✔   How this integration helps The Zoho Writer for Cliq ...
                                                                                                              • eDiscovery and data retention policies in Zoho Cliq

                                                                                                                Using Zoho Cliq, an admin can retain data using policies, investigate by searching for specific data, hold this data, and export the data retained for compliance purposes. Follow the below steps for eDiscovery and retaining data in Zoho Cliq: Step 1: ...
                                                                                                              • HIPAA Compliance with Zoho Cliq

                                                                                                                The Health Insurance Portability and Accountability Act (including the Privacy Rule, Security Rule, Breach Notification Rule, and Health Information Technology for Economic and Clinical Health Act) ("HIPAA"), requires Covered Entities and Business ...
                                                                                                                Wherever you are is as good as
                                                                                                                your workplace

                                                                                                                  Resources

                                                                                                                  Videos

                                                                                                                  Watch comprehensive videos on features and other important topics that will help you master Zoho CRM.



                                                                                                                  eBooks

                                                                                                                  Download free eBooks and access a range of topics to get deeper insight on successfully using Zoho CRM.



                                                                                                                  Webinars

                                                                                                                  Sign up for our webinars and learn the Zoho CRM basics, from customization to sales force automation and more.



                                                                                                                  CRM Tips

                                                                                                                  Make the most of Zoho CRM with these useful tips.



                                                                                                                    Zoho Show Resources