> Expert > Solutions and Use Cases > Edge Endpoint Solutions > Edge Endpoint Solutions for End Users > Data Loss Prevention > Data Loss Prevention Configurations > Viewing and Removing DLP Authorized Users

File System Permissions and DLP Authorized Users

A Data Loss Prevention (DLP) authorized user is a user account on a DLP-enabled laptop with permission to unlock and read the contents of locked files. If your laptop has more than one user account, the DLP authorized users of a locked file depend on the file system security permission settings of each user for that particular file.

The following table lists the DLP actions allowed on a locked file for each level of file system security permissions that a user account has on the file:

File System Security Permission

DLP Actions and Capabilities

Full Control

  • Listed as a DLP authorized user.

  • Can unlock files and read content.

  • Can modify the contents of a locked file.

Modify

Read & Execute

  • The user is listed as a DLP authorized user.

  • Can unlock files and read content.

  • Cannot modify the contents of a locked file.

Write

Read

No Permissions

  • Not a DLP authorized user.

  • Cannot unlock files.

Loading...