Hi team,
We're using DLP Endpoint (both: Prevent & Protect)
In our company, we use Titus to tag Office documents not only with visible watermarks but using two custom fields on document properties. Anyone can read those fields in Office (Document Properties > Advanced Properties > Custom fields)
In particular, our company wants to prevent exfiltration for documents with specific values on thos fileds:
FIELD VALUE
====== ======
DatClas1 Internal Use Only
DatClas2 PII
Then, I created a policy in the DLP console to detect & block any exfiltration attempt for documents with specific keywords on those fields.
I configured a content matching condition based on keywords (Content Matches Keywords) using values in both fields: "Internal Use Only" and PII (we tested proximity between keywords from 5 to 999).
However, when I test it, the documents can be exfiltrated without any detection (no blocks or incidents registered).
Foremost, when content is tagged as watermarks in documents, everything works well. However, we need to protect documents tagged with this Custome filed in Office documents.
Any suggestions?
------------------------------
Juan
------------------------------