To prevent unauthorized exfiltration of sensitive data to physical media such as USB devices, printers, and network shares, your organization requires granular control over endpoint peripheral devices. Endpoint DLP enables your data security administrators to precisely manage peripheral device usage by allowing, blocking, or alerting on connection events.

This control leverages also leverages Enterprise Data Loss Prevention (E-DLP) advanced detection methods, including custom data profiles, ML-based, and regex data profiles, to identify and secure sensitive data movement to and from the endpoint. Endpoint DLP policies are enforced by the Prisma Access Agent installed on protected endpoints. The Agent detects file movement, immediately executes the configured DLP policy action, and displays notifications to the end user when a policy violation occurs.