Use the Data Loss Prevention (DLP) sub-step to prevent loss of corporate data in your apps and add local app encryption. You can configure the DLP controls to disable copy and paste from apps, disallow text drag and drop, restrict opening of links and attachments, block app data sharing and app information from appearing in the app switcher by using privacy screens.
|Step||Blue Cedar Enforce|
Using this sub-step in a workflow
In the workflow builder for your app:
- Add the App Enhancement stage.
- Add the Blue Cedar Enforce step to the workflow.
- Add the Data Loss Prevention sub-step to the Blue Cedar Enforce step.
Click on the options gear icon next to Data Loss Prevention in the workflow outline. Configure the options:
Data Loss Prevention
The configuration settings for Data Loss Prevention are organized in two sections, shown in the App Enhancement / Blue Cedar Enforce / Data Loss Prevention section of the workflow builder as these tabs:
- Data at Rest
- Data Sharing
Data at Rest
Data at rest (DAR) encryption protects each piece of app data before saving it on the mobile device, shielding it from malware, rogue apps, and hackers who attack the device storage. When the app needs an encrypted piece of data, the integrated DAR decrypts it.
Although you apply DAR encryption to the app when you run your workflow, this does not encrypt the entire secured app. (Otherwise, it would not be able to run on the device.) The DAR option encrypts the data that the secured app generates. For example, if you apply DAR to a browser app, the data downloaded by the browser would be encrypted.
The DAR profile is a collection of settings to apply with the DAR policy.
When you select the third Encryption option, the "Add an Exception" button becomes available. You can add a file or path pattern to identify files that should not be encrypted.
Data Sharing protection allows you to constrain what kind of data users can share between apps. This data includes:
- App data:
- Copy Paste: Copy and paste between a protected app and another app.
- Drag and Drop: Drag and drop text, files, and images between a protected app and another app.
- Privacy screen: Block app screens from appearing in app switcher (iOS and Android) and disable screenshots (Android).
- Security data:
- Grouped apps: Share Authentication sub-step, Secure Microtunnel, and Single Sign-On credentials, and Data at Rest encryption keys with affiliated apps. Also allow copy and paste between grouped apps.