Corporate data can be leaked in different ways, i.e., through web mail, cloud storage, social media, and a variety of other applications. You can use Zscaler's DLP policy to protect your organization from data loss.
If your organization had a third party DLP solution, Zscaler can forward information about transactions that trigger DLP policies to your third party solution. Zscaler uses secure Internet Content Adaptation Protocol (ICAP) to do this. However, the Zscaler service does not take ICAP responses from your DLP solution. Zscaler only monitors or blocks content according to the policy you configure, then forwards information about transactions so that your organization can take any necessary remediation steps.
Below are the different types of DLP policy rules you can configure. Your policy can use all of the options below simultaneously.
For information on the order in which Zscaler enforces all policies, including DLC policies, see How does the Zscaler service enforce policies?
Below is an illustration of the process that occurs when you block data using Zscaler DLP engines. To learn more, see Configuring Policies Using Zscaler DLP Engines.
Below is an illustration of the process that occurs when you block data using Zscaler DLP engines and forward information to your third party DLP solution. To learn more, see Configuring Policies Using Zscaler DLP Engines.
Below is an illustration of the process that takes place when you configure DLP policies for this option. To learn more, see Configuring Policies Using External DLP Engines.