You can define DLP policies in Skyhigh CASB to detect sensitive content and apply DRM protection to documents using the Apply DRM Response in DLP Policies. API-based DLP policies can be used to monitor the activity of uploading files with sensitive data and protect the documents using Ionic via API mode. This will result in document getting encrypted/protected with Ionic as soon as it’s uploaded to cloud service.
IMPORTANT: To be able to view document content, users must install the Ionic Office Endpoint / Agent on their desktop computers, download the document from cloud service, and then access the file.
To define API-based DRM policies:
- Use the Apply DRM Response Action to protect sensitive documents in a cloud service. The example below shows a policy that detects the presence of credit card information in a document and protects the document by using the Sensitive Data Marking and CCN Data Marking Value.
Please note that the Data Marking and Data Marking Value have to be defined in Ionic for this policy to work: