Lightbeam Basics: Policies for Detecting & Preventing Data Leakage

Stop data leakage with Lightbeam. Define policies, detect unauthorized use, and automate alerts for stronger data loss prevention.

Lightbeam Basics: Policies for Detecting & Preventing Data Leakage

Worried about data leakage or unauthorized use?
In this Lightbeam Basics episode, see how policy management strengthens control:

Define and enforce data use policies to prevent misuse
Detect and respond instantly to internal or external leakage attempts
Automate alerts for faster breach detection and compliance reporting

Lightbeam helps you build policy-driven data loss prevention (DLP) into everyday workflows.

Transcript

Today we're gonna look at policies
in the Lightbeam platform.
Policies can be used to enforce appropriate data use
and discover inappropriate data leakage in an environment
by mapping out the appropriate use of data as it relates
to business processes and ownership.
Permitted data use
and storage can be better understood and allocated.
Policies can be configured in a multiple of ways
to track both external
and internal data, as well as labeling data
with specific custom labels
that can be used for later governance.
When we take a look at the policy details page,
we see individual cards for each
of the primary policy types.
Those policy types are internal
external discovery and labeling.
For each of the cards, we can see the number of rules
that have been created under each of these number
of data sources, and if there's every anything been
added to the permit list.
The permit list allows for storage appropriately,
thus creating the map of the data processing activities.
If we go deeper and look at the individual rule sets
that have been created from these policies, we see a list
of all of them, how many violations each have is created,
how many have permanent listings, the number
that it was created on, and an ability to delete it.
So let's take a look at one of these Acme rockets.
So now we can look at how the policy is structured.
There's basically four different pages
that we're gonna set up of information that, how,
how this policy will run.
We first enable it and we're gonna enable alert settings
based on this policy if violations.
So if alerted, bill and Kilo will be alerted by email.
We also can set the number of entities
and now we see that the entities have not been selected.
But if we wanna update that
and change that, we can change it to any kind
of individual person, group,
or individual entity in the organization.
If we want to create new ones.
What we can do is, I'm just gonna select all entities
for this one and say that's who we're gonna look for.
So we're not gonna look for a particular person,
but we're gonna look for everyone.
We're gonna say all attributes, uh, identity data, uh,
location data and medical data, uh, especially.
And the data sources. We're gonna look at Gmail and G drive
and the alert settings are enabled as we saw.
So we advanced to the next pages,
which is the deleted data sources.
And as I said, we see Gmail
and the G Drive are already selected,
but if we wanna add another one, uh, here's all a listing
of all the connected data sources
and we can search any one of those.
So if we wanted to add this, uh, lightbeam,
AWS three bucket, we can add just that easily
and that volume will be scanned.
So as we go to the next page, the alerts,
cable alerts are enabled.
So this policy will create
Alerts for people to respond to.
Um, and the alerts can be assigned to anybody.
Right now they're assigned to Bill and Kilo again.
Um, and here's a selection screen for sensitivity.
So we are gonna say that, uh, if more than two attributes
that are already classified as high sensitivity
are discovered in this repository,
we're gonna raise an alert for that.
And we're also gonna say medium sensitivity, two of those.
So anything medium or high, two
or more of those, we'll raise an alert
for this particular policy.
The last one is, uh, automation, which is always on.
It's kind of a, an empty bucket right now.
Uh, I'm gonna save that and close that.
And so now we have a policy here, Acme Rockets,
that's gonna run and it will generate alerts
so we can see the alerts that it generates
and the policies on the home screen.
Over on the unresolved alerts
and critical alerts fields,
we'll cover alerts in another video.
That's all for policies today.