Help Guide: DLP Measures at WeCP
At WeCP, ensuring the security of sensitive data is a top priority. We implement robust Data Loss Prevention (DLP) measures to safeguard confidential information during all phases of our operations. This guide outlines the key DLP measures in place at WeCP to help our clients understand how we protect their data.
1. DLP for Emails
What We Do:
We use Google Workspace DLP to monitor and control outgoing email communications.
This feature scans emails and attachments for sensitive data (e.g., PII, financial details, intellectual property) to prevent unauthorized sharing.
Key Measures:
Pattern Matching: Detects sensitive information like credit card numbers, Social Security Numbers, or proprietary keywords.
Policy Enforcement: Automatically blocks or quarantines emails containing sensitive data, ensuring compliance with security policies.
Real-Time Alerts: Administrators are notified of potential policy violations for timely action.
2. DLP for Endpoints
What We Do:
We secure all endpoints, such as laptops and devices, to prevent unauthorized access and data leakage.
Key Measures:
Full Disk Encryption: We enable BitLocker on all company-issued laptops to ensure data is encrypted and safe from theft.
USB Port Control: USB access is restricted on devices to prevent unauthorized copying or transferring of data.
Data Classification Labels: Employees use labels to classify data (e.g., Public, Confidential, Restricted), ensuring that sensitive information is handled appropriately.
3. Proctoring Data Security
Our remote proctoring solutions comply with DLP guidelines to ensure candidate data and testing results remain secure.
Video recordings, browser data, and assessment results are encrypted during transmission and storage.
4. Application-Level DLP
What We Do:
We integrate DLP mechanisms within our application to monitor data exchanged during assessments.
Key Measures:
Access Control: Role-based access ensures only authorized personnel can view or modify sensitive data.
Real-Time Monitoring: All actions within our platform are logged and monitored to detect unusual behavior or breaches.
Data Encryption: Both in-transit and at-rest data encryption protects customer and candidate data from unauthorized access.
5. Secure Collaboration
What We Do:
We promote secure collaboration by implementing stringent file-sharing controls across teams.
Key Measures:
Secure Cloud Storage: All sensitive files are stored in Google Drive with sharing permissions restricted to specific users or teams.
Email Filters: Outbound emails containing sensitive files trigger alerts and require authorization before being sent.
6. Compliance and Monitoring
What We Do:
Our DLP measures align with compliance frameworks like GDPR, CPRA, and SOC 2 to ensure we meet the highest standards of data security.
Key Measures:
Audit Trails: All actions are logged and auditable to comply with regulatory requirements.
Regular Reviews: DLP policies are reviewed and updated periodically to address emerging security threats.
How to Report a Data Security Concern
If you suspect any data breach or policy violation, you can immediately contact our security team at security@wecp.com. We encourage all users to report concerns so we can ensure our measures remain robust.
Conclusion
At WeCP, protecting sensitive data isn’t just a priority—it’s our responsibility. Our DLP measures ensure that data remains secure, risks are minimized, and our customers can trust us to uphold the highest standards of integrity.
For more information about our DLP policies or security measures, feel free to reach out to our support team.
4o