Glossary

Activating the application

Switching the application into full-function mode. Application activation is performed by the user during or after the application installation. You should have a key file to activate the application.

Active key

Key that is used at the moment to work with the application.

Active policy

A policy currently used by the application for Data Leak Prevention. The application can use several policies at once.

Additional key

Key that verifies the use of the application but is not used at the moment.

Anti-virus databases

Databases that contain information about computer security threats known to Kaspersky Lab as of the anti-virus database release date. Anti-virus database signatures help to detect malicious code in scanned objects. Anti-virus databases are created by Kaspersky Lab specialists and updated hourly.

Archived incident

An incident restored from the archive to Management Console (for example, to search for information about similar policy violations in the past).

Archiving

A process of moving closed incidents to an archive in secure format. The application removes incidents from Management Console after archiving them.

Backup

A dedicated storage area intended for saving backup copies of objects that are created prior to their disinfection or removal.

Black list of key files

Database that contains information about the key files blocked by Kaspersky Lab. The black list file content is updated along with the product databases.

Closed incident

An incident that has been processed, with a decision made on this incident.

Confidential data

Information that is not subject to disclosure and distribution beyond a limited circle of people. Confidential data usually include information listed as a state or trade secret, as well as personal data.

Control scope

SharePoint websites for which the application monitors file uploading. When the user uploads a file to a website within the control scope, the application scans the file for data protected by the active policies.

Corporate security

A scope of regulations and procedures aimed at the protection of a company's business interests. This may include, e.g., collection of information about the company's internal environment or competitors, analysis of market trends, and protection of intellectual property.

Data category

A set of data united with a common feature or subject and corresponding to specific criteria (e.g., a combination of words used in text in a certain order). The application uses data categories for recognizing information in files being uploaded and stored on SharePoint. The application allows using preset Kaspersky Lab data categories and creating custom data categories.

Data leak

Unauthorized access to confidential data with further uncontrolled distribution.

Data leak prevention

The scope of a security officer's actions aimed at preventing any unauthorized access to confidential data (such as blocking a file when it is uploaded to SharePoint).

Data search

Search for data from specified categories on SharePoint websites. The application searches for data in accordance with the settings of the search task.

Data subcategory

A nested data category included in a larger category. Each subcategory describes the set of data with a common attribute within a category. For example, the "Magnetic stripe data" subcategory makes part of the "Banking cards" category. You can manage the composition of a category by excluding or including some subcategories. E.g., you can exclude subcategories upon which the application must not monitor data leaks.

Disinfection

A method of processing infected objects that results in full or partial recovery of data. Not all infected objects can be disinfected.

DLP Module (Data Leak Prevention)

Component of Kaspersky Security that is designed for protection of information uploaded to or stored on SharePoint websites against leakage.

DLP Module status

The current state of the DLP Module. Using the DLP Module status, Kaspersky Security informs you of errors in the operation of the DLP Module and ways of fixing them.

Document templates

Files with text data used as patterns for creation of new documents. The application protects against leakage all documents that have been created on the basis of those templates.

False positive incident

This is an incident that has visible signs of a data leak without an actual leak occurring. For example, a false positive incident can be provoked by a user's attempt to send a file that contains no financial information but is a template for preparing financial reports.

File blocking

The application's action aimed at a possible data leak. The application can block a file that initiated a policy violation. If the application blocks a file, the user cannot upload the file to SharePoint.

Full scan

A type of file scan. When performing a full scan, the application searches for data from the specified categories in all files stored on SharePoint servers.

Hash sum

Unique series of alphanumeric symbols that results from algorithmic processing of data.

Incident

The record of an event in the application's operation associated with detection of a possible data leak. E.g., the application creates an incident when a policy is violated.

Incident status

The current state of an incident. The status shows the stage of incident processing. The statuses of incidents are can be used for management of incident processing.

Incremental scanning

A type of file scan. During an incremental scan, the application searches for data on SharePoint servers, only scanning files that have been modified since the previous scan.

Infected object

An object a portion of whose code completely matches part of the code of known malware. Kaspersky Lab does not recommend using such objects.

Kaspersky CompanyAccount

Portal designed for sending online requests to Kaspersky Lab and tracking their processing by Kaspersky Lab experts.

Kaspersky Lab categories

Predefined data categories developed by Kaspersky Lab specialists. Categories can be updated during application database updates. A security officer cannot modify or delete those predefined categories.

Kaspersky Lab update servers

HTTP and FTP servers of Kaspersky Lab from which Kaspersky Lab applications download database and application module updates.

Kaspersky Security Network (KSN).

Infrastructure of cloud services that provides access to the Kaspersky Lab online knowledge base containing information about the reputation of files, web resources, and software. The use of data from Kaspersky Security Network ensures faster responses by Kaspersky Lab applications to threats, improves the effectiveness of some protection components, and reduces the risk of false positives.

Key file

A xxxxxxxx.key file that allows use of a Kaspersky Lab application on the terms of a trial or commercial license. You have to specify the path to the key file after the application has been installed. You may use the application only when you have a key file.

Keywords

Word, phrase, or sequence of characters that the application uses for recognizing data in files being uploaded and stored on SharePoint that need to be protected against leakage. Keywords can be added to data categories.

License certificate

This is a document that is provided to you by Kaspersky Lab together with a key file or activation code. It contains information about the license granted to the user.

License term

A time period during which you have access to the application features and rights to use additional services. Available functionality and specific additional services depend on the license type.

Managed device

Device with an installed security software suite connected to Kaspersky Security Center.

Management Console

Kaspersky Security application component. Provides a user interface for managing administrative tools and enables configuration of the application and management of the server component. The management module is implemented as an extension of the Microsoft Management Console.

Match level

Criterion showing how well the information in files being uploaded and stored on SharePoint matches a table data category. You can configure the match level when creating or editing a table data category.

A security officer can specify the number of cells that will affect the match level. The number of cells is created based on unique crossings between columns and rows of the table.

Object removal

The method of processing objects which ends in it being physically deleted from its original location (hard drive, folder, network resource). We recommend that this method be applied to dangerous objects which, for whatever reason, cannot be disinfected.

On-access scan

A mode of a Kaspersky Lab application whereby files are scanned automatically on being uploaded to the server or downloaded from the server.

Opened incident

An incident that has been assigned New or In progress status.

Personal data

Information that can be used to identify a person, directly or indirectly.

Phishing

A kind of online fraud aimed at obtaining unauthorized access to confidential data of users.

Policy

Collection of application settings that provide data protection against leakage. The policy defines the conditions on which users can handle confidential data, as well as actions that must be taken by the application when possible data leakage is detected.

Policy violation

User actions leading to a violation of the conditions applied to the handling of confidential data on SharePoint servers. The application views an event as a policy violation if the user specified in the policy settings uploads to a SharePoint website or sends by email some data from a category prohibited by the policy.

Probably infected object

An object whose code contains a modified segment of code of a known threat, or an object resembling a threat in the way it behaves.

Quotations from documents

Text fragments from documents that must be protected against leakage.

Search scope

SharePoint websites on which the application searches for data. If files are stored on a website within the search scope, the application scans the files for data from the categories specified in the search task.

Search task

A set of criteria and parameters based on which the application searches for data on SharePoint servers.

Security Officer

Employee who is in charge of controlling compliance with the corporate security requirements on SharePoint websites, as well as monitoring and preventing data leakage.

SharePoint server structure

A tree of nodes that makes it possible to manage the content of a SharePoint server. In nodes, you can select elements and specify the actions to take on them.

Skipping of an object

Processing method in which an object is allowed to pass to the user unchanged. If event logging is enabled for this event type, information about the object detected will be logged in the report.

System KPI (Key Performance Indicators)

It is type of application operation report. It contains information about the key performance indicators of the DLP Module.

Table data

Information organized in a table format that must be protected against leakage. Table data is processed in Kaspersky Security using CSV (Comma Separated Values) files.

Unwanted content

Information that is unsuitable for various groups of users. Unwanted content includes websites and messages that propagate violence, incite acts of terror, contain child pornography or profanity.

Update

A function performed by a Kaspersky Lab application that enables it to keep computer protection up-to-date. During the update, an application downloads updates for its databases and modules from Kaspersky Lab's update servers and automatically installs and applies them.

User category

A data category created by a data security officer.

Violation context

A text fragment with data that violates a policy when uploaded to SharePoint servers. The violation context is required for making a decision of an incident.

Virus

A program that infects other ones by adding its code to them in order to gain control when infected files are run. This simple definition allows exposing the main action performed by any virus – infection.

Working scenario

A sequence of actions that is recommended to a security officer for solving a standard task. A scenario includes both actions in the application interface and preparatory actions beyond the application (such as planning or analysis).