Data Loss Prevention - Market Quadrant 2023
Copyright © March 2023, The Radicati Group, Inc. Licensed for distribution. 36
monitoring and filtering capabilities, for both data at rest and in motion, ranging from file type to
predefined content based on dictionaries, regular expressions and machine learning. It supports
key data protection regulations such as GDPR, CCPA, HIPAA, PCI DSS, NIST and others.
Administrators can define detection patterns based on proximity, dictionaries, regular
expressions, and more. The movement of valuable data to unauthorized external individuals is
monitored and controlled through the exit points and administrators are alerted in the case of a
policy violation. Endpoint Protector enables seamless management of all organization endpoints,
regardless of operating system, from a single dashboard.
Endpoint Protector is offered in various form factors, including as a virtual appliance, as well as
an instance on AWS, Azure and Google Cloud. The virtual appliance supports all popular
hypervisors, e.g., VMware, HyperV, Citrix XenServer, and others. Endpoint Protector is also
available as a CoSoSys hosted SaaS solution.
Endpoint Protector features four specialized modules that can be mixed and matched based on
client needs. The modules comprise:
o Content Aware Protection – gives organizations detailed control over sensitive data leaving
their computers. Through close content inspection, transfers of PII, PHI, PCI, or important
company documents are blocked, logged and reported. File transfers can be allowed or
blocked based on predefined company policies, and can be applied to web, mail, instant
messaging apps, file shares, and more. Contextual Detection is also available which offers an
advanced way of inspecting confidential data based on both content and context. The Deep
Packet Inspection functionality currently available on Windows, macOS and Linux allows
network traffic inspection at an endpoint level and offers a detailed content examination of
file transfers. A User Remediation feature is also available.
o Device Control – gives organizations granular control over USB devices, Bluetooth and
peripheral ports’ activity on employees’ computers through a simple web interface.
Organizations can implement strong device use policies that will scan data transfers to
portable storage devices, or block their usage (or certain features, e.g. allow charging of
iPhones but not data transfer) in order to protect sensitive data.
o Enforced Encryption – can be automatically deployed or manually installed on USB devices
in the root folder, after which any data copied onto the device will be automatically