Enabling and disabling Data Leak Prevention

If you use the DLP Module in your organization, we recommend that you avoid disabling data leakage protection unless a special case occurs. You are advised to request permission to disable Data Leak Prevention from the security officer.

To enable or disable Data Leak Prevention:

1. In the Management Console tree, select the DLP Module settings node.
2. In the Data Leak Prevention section, perform one of the following actions:
   • To disable data leakage protection, clear the Enable Data Leak Prevention check box.
   • To enable protection, select the Enable Data Leak Prevention check box.
3. Click the Save button.

When Data Leak Prevention is enabled or disabled, the application performs the following operations:

• Sends the following notification to the addresses of security officers:
  • The administrator has disabled DLP Module for the entire organization– when disabling Data Leak Protection;
  • The administrator enabled DLP Module for the entire organization– when enabling Data Leak Protection.

  For a notification to be sent successfully, the notification delivery settings must be defined in advance on the DLP query controller server or in the profile that includes the DLP query controller server. Otherwise, notifications will not be sent. Notifications can be received by security officers only if their addresses have been configured before notifications are sent (see the Security Officer's Guide to Kaspersky Security 9.0 for Microsoft Exchange Servers).

  If notification delivery has failed, an Error event with error information is recorded in the Windows application log on the DLP query controller server.

• On each Security Server where Data Leak Prevention was disabled or enabled, the application adds the event with code 30000 to Windows Event Log.

After Data Leak Prevention is disabled, the application stops applying DLP policies to messages and scanning messages for data leaks. In this case, DLP databases are updated as usual.