- Logging data modification history: Records who modified a file, the nature of the content changes, and when the changes occurred.
- Tracking data movement across devices and channels: Monitors whether data is copied to USB drives, uploaded to the cloud, or sent via email.
- Detecting risks of data leaks: If sensitive data is copied or transmitted outside the organization, the system can issue alerts or block the action.
- Ensuring regulatory compliance: Enables organizations to demonstrate that data is protected in accordance with security standards such as GDPR and ISO 27001.
1
Workspace Owners and Administrators define file identification patterns, including:
- Filenames (or regex patterns:
report_*.xlsx,confidential_*.pdf, etc.) - File formats (extensions such as
.docx,.zip, etc.)
2
The Endpoint Agent monitors and records all activities related to data on the corporate drive, including:
- Actions on files matching the defined patterns:
- Local operations: Creation, modification, copying, movement, renaming, and deletion.
- External transfers: Sending via email, web uploads, cloud synchronization, etc.
- Lineage continuity: If a file matching a pattern is renamed (e.g., File A matches the pattern but is renamed to File B, which may not), the system continues to track all subsequent actions performed on File B.
3
The data flow is reconstructed as a continuous event sequence, displaying:
- Actor (the user performing the action)
- Location (the device and folder)
- Timestamp (when the event occurred)
- Action (copy, modify, upload, etc.)
4
The dashboard provides a timeline view and detailed logs, featuring capabilities to:
- Search and filter by file, user, device, or action type.
- Export data for forensic investigation or auditing purposes.