Loading...

File System Permissions and DLP Authorized Users

A Data Loss Prevention (DLP) authorized user is a user account on a DLP-enabled laptop with permission to unlock and read the contents of locked files. If your laptop has more than one user account, then the DLP authorized users of a locked file will depend on the file system security permission settings of each user for that particular file.

The following table lists the DLP actions allowed on a locked file for each level of file system security permissions that a user account has on the file:

File System Security Permission

DLP Actions and Capabilities

Full Control

  • Listed as a DLP authorized user.
  • Can unlock files and read content.
  • Can modify the contents of a locked file.

Modify

Read & Execute

  • The user is listed as a DLP authorized user.
  • Can unlock files and read content.
  • Cannot modify the contents of a locked file.

Write

Read

No Permissions

  • Not a DLP authorized user.
  • Cannot unlock files.

Last modified: 6/27/2019 6:33:01 PM