Data Loss Prevention (DLP)
Data Loss Prevention (DLP) involves protecting sensitive data from unauthorized access, usage, or sharing. This is done by utilizing various monitoring, scanning, and encryption tools, as well as working with data users and owners to ensure adherence to policies and best practices.
- How do I request a DLP Exception?You can request a DLP Exception by:
- Visiting the DLP Exception Request. You will be prompted to login with your O-Key Account credentials and authenticate through Multifactor Authentication (MFA).
- Start a support ticket by using this link: Request Help
- Provide the following information in the Issue Field:
- File Name(s)
- Reason for Exception(s)
- Provide the following information in the Issue Field:
- What drives/devices are scanned by DLP?DLP Scans are performed on all OSU provided Shared Drives such as departmental G: Drives
- What information is flagged in a DLP Scan?The DLP Scan flags U.S. Social Security Numbers (SSNs), Tax ID Numbers, and credit card information (including P-Cards).
- I checked the file(s) in question from the DLP scan and there was no sensitive data.
Was the scan incorrect and what steps need to be taken?
- This can happen because the scan is only looking for patterns (xxx-xx-xxxx), so be sure to check the file very carefully. If the data that was found is not sensitive data, this is called a False Positive.
- Reporting a False Positive will ensure that the next time a scan is run, that the
same data will be marked as safe, and you will not be alerted again.
You can report a False Positive by:- Visiting the DLP Exception Request. You will be prompted to login with your O-Key Account credentials and authenticate through Multifactor Authentication (MFA).
- Start a support ticket by using this link: Request Help
Provide the following information in the Issue Field:-
- File Name(s)
- Reason for Exception(s)
-
- I checked the file(s) in question from the DLP Scan and there was sensitive data.
What are the next steps and what should I do?You can find more information at the Data Loss Prevention (DLP) Portal.Your options are:
- If you do not need the file any longer, you may simply delete it.
- If you need the file, but not the sensitive data, you may remove the sensitive data from the file and click Save.
- If you need the file and all of the data within, including the sensitive data, you must use encrypted storage. Your department may utilize encrypted storage (such as an S:Drive).
- What if I have deleted the file?There is a delay between when the scan is run and when the email notifications are sent out. As a result, you may have deleted the file after the scan was completed but before the notification was sent out. The file will be listed on the Data Loss Prevention (DLP) Portal. If you receive additional notifications regarding the file, please fill out the Data Loss Exception Request form.
-
How do I request Whole Disk Encryption?
You can request Whole Disk Encryption by:
-
Starting a support ticket by using this link: Request Help
-
Provide the following information in the Issue Field:
-
The name of the department which owns the device (ex. Information Technology, College of Arts & Sciences (CAS), etc.)
-
The operating system and version on the device. (ex. Windows 10 Enterprise, Apple Mac OS X 10.12.2, Ubuntu Linux, etc.)
-
The full hostname of the device (ex. Pistolpete.ad.okstate.edu, myserver.ad.okstate.edu, etc.)
-
-
-
My device is requesting a BitLocker Key, how do I obtain my BitLocker Key?
A BitLocker Key is a unique password that can be used to unlock a system if BitLocker is otherwise unable to confirm that the attempt to access the system is authorized. Please view the process below for obtaining your BitLocker Key below:
-
Sign into your Microsoft Account (microsoft.com).
-
From the list provided, select the device needing a BitLocker Key. Click the device and the label should expand.
-
Click the View BitLocker Key option.
-
The BitLocker Key for the requested device should appear on the right-hand side of the page.
-
-
If the device is not provided on the list, or the device states to not have a BitLocker Recovery Key found, your identity will need to be verified for IT to further assist with obtaining the BitLocker Key.
-
OSU IT Provides a few different options to verify your identity:
-
On the OSU Stillwater Campus, visit 421 Classroom Building, and an IT employee will verify your identity in person.
-
Contact the IT Helpdesk at 405-744-4357 to verify your Phone Password/Challenge Secret over the phone or by requesting a video call to verify your identity.
-
Open a web browser (such as Microsoft Edge, Mozilla Firefox, Google Chrome, Apple Safari, etc.) and fill out an Identify Verification Form (IVF).
-
Online Form (If you fill the Online For out, select the ‘Other’ option under the Reason for Verification, and provide the device Hostname in which you are requesting the BitLocker Key for.
-
-
-