Tehama is announcing a new addition to the File Vault that adds further control over your ability to limit data exfiltration from a Tehama Room, ensuring that sensitive data never leaves the confines of your secure work environment and limiting the risk of data breaches.
The File Vault is a tool that allows files to be shared amongst users on desktops within a Tehama Room. Files can be brought into the Room by uploading from the Tehama web interface or from a Tehama desktop, and then can be downloaded and used on other desktops in the Room.
Earlier this year, we added an option to the File Vault that allows you to completely turn off the ability to download File Vault files from the web interface. This allows the File Vault to be leveraged for several valuable use cases -- such as managers providing files for users to leverage in the Room, or allowing users to share files between Tehama desktops -- all while ensuring that no file is ever allowed to be downloaded to a local device and leave the Room.
Now, Tehama is introducing a feature to prevent sensitive data exfiltration in a more contextual way -- based on the actual contents of the file. If a file is uploaded to the File Vault and our scanner detects that it contains certain sensitive information -- credit card numbers, social security numbers -- the file will be marked as containing “Sensitive Data”.
When “Sensitive Data” is detected, downloading the file from the web interface will be blocked, even in Rooms where this is generally allowed. While users on Tehama desktops will still be able to interact with the file to do their work, this data is prevented from leaving the Room.