Key that is used at the moment to work with the application.
A policy currently used by the application for Data Leak Prevention. The application can use several policies at once.
Key that verifies the use of the application but is not used at the moment.
Databases that contain information about computer security threats known to Kaspersky as of the anti-virus database release date. Anti-virus database signatures help to detect malicious code in scanned objects. Anti-virus databases are created by Kaspersky specialists and updated hourly.
An incident restored from the archive to Management Console (for example, to search for information about similar policy violations in the past).
A process of moving closed incidents to an archive in secure format. The application removes incidents from Management Console after archiving them.
Operation mode of Anti-Virus for the Mailbox role when Anti-Virus scans messages and other Microsoft Exchange objects stored on a Microsoft Exchange server, searching for viruses and other security threats with the latest version of anti-virus databases. A background scan can be run either manually or upon a set schedule.
Special storage for backup copies of objects saved before their disinfection, removal or replacement. It is a service subfolder in the application data folder created during Security Server installation.
Database that contains information about the key files blocked by Kaspersky. The black list file content is updated along with the product databases.
An incident that has been processed, with a decision made on this incident.
Information that is not subject to disclosure and distribution beyond a limited circle of people. Confidential data usually include information listed as a state or trade secret, as well as personal data.
An object consisting of several objects, for example, an archive or a message with an attached letter. See also simple object.
A scope of regulations and procedures aimed at the protection of a company's business interests. This may include, e.g., collection of information about the company's internal environment or competitors, analysis of market trends, and protection of intellectual property.
A set of data united with a common feature or subject and corresponding to specific criteria (e.g., a combination of words used in text in a certain order). The application uses data categories for recognizing information. The application allows using preset Kaspersky Lab data categories and creating custom data categories.
Unauthorized access to confidential data with further uncontrolled distribution.
A set of the security officer's actions aimed at preventing any unauthorized access to confidential data.
A nested data category included in a larger category. Each subcategory describes the set of data with a common attribute within a category. For example, the "Magnetic stripe data" subcategory makes part of the "Banking cards" category. You can manage the composition of a category by excluding or including some subcategories. E.g., you can exclude subcategories upon which the application must not monitor data leaks.
A method of processing infected objects that results in full or partial recovery of data. Not all infected objects can be disinfected.
Component of Kaspersky Security that is designed for the protection of data against leakage.
The current state of the DLP Module. Using the DLP Module status, Kaspersky Security informs you of errors in the operation of the DLP Module and ways of fixing them.
Public lists of IP addresses known to generate spam.
The service providing quick updates to the Anti-Spam database improving the efficiency of Anti-Spam against new emerging spam. To function properly, Enforced Anti-Spam Updates Service needs a permanent Internet connection.
This is an incident that has visible signs of a data leak without an actual leak occurring. For example, a false positive incident can be provoked by a user's attempt to send a file that contains no financial information but is a template for preparing financial reports.
Representation of a file name using wildcards. The standard wildcards used in file masks are * and ?, where * represents any number of any characters and ? stands for any single character.
Message that is automatically generated and sent by mail clients or robots (for example, informing about the impossibility to deliver a message, or confirming user registration on a web resource).
The record of an event in the application's operation associated with detection of a possible data leak. E.g., the application creates an incident when a policy is violated.
The current state of an incident. The status shows the stage of incident processing. The statuses of incidents are can be used for management of incident processing.
An object a portion of whose code completely matches part of the code of known malware. Kaspersky does not recommend using such objects.
Portal designed for sending online requests to Kaspersky and tracking their processing by Kaspersky experts.
Predefined data categories developed by Kaspersky Lab specialists. Categories can be updated during application database updates. A security officer cannot modify or delete those predefined categories.
The solutions allows users of Kaspersky anti-virus applications to access Kaspersky Security Network databases without sending data from their computers to Kaspersky Security Network servers.
Infrastructure of cloud services that provides access to the Kaspersky online knowledge base containing information about the reputation of files, web resources, and software. The use of data from Kaspersky Security Network ensures faster responses by Kaspersky applications to threats, improves the effectiveness of some protection components, and reduces the risk of false positives.
HTTP and FTP servers of Kaspersky from which Kaspersky applications download database and application module updates.
Word, phrase, or sequence of characters that the application uses for recognizing data that need to be protected against leakage. Keywords can be added to data categories.
This is a document that is provided to you by Kaspersky together with a key file or activation code. It contains information about the license granted to the user.
A time period during which you have access to the application features and rights to use additional services. Available functionality and specific additional services depend on the license type.
Web addresses leading to malicious resources, i.e. web resources designed to spread malware.
Device with security software installed that is connected to Kaspersky Security.
Kaspersky Security application component. Provides a user interface for managing administrative tools and enables configuration of the application and management of the server component. The management module is implemented as an extension of the Microsoft® Management Console.
Mass email messages authorized by the recipients, most often containing advertising messages.
Criterion showing how well the information matches a table data category. You can configure the match level when creating or editing a table data category.
A security officer can specify the number of cells that will affect the match level. The number of cells is created based on unique crossings between columns and rows of the table.
Method of processing an email message, which entails physical removal of this message. It is recommended to apply this method to messages which unambiguously contain spam or malicious objects. Before deleting a message, a copy of it is saved in Backup (unless this option is disabled).
The method of processing objects which ends in it being physically deleted from its original location (hard drive, folder, network resource). We recommend that this method be applied to dangerous objects which, for whatever reason, cannot be disinfected.
An incident that has been assigned New or In progress status.
Phishing Confidence Level is a special tag used by Microsoft Exchange mail servers to measure the probability of the risk of phishing threats in a message. The PCL rating ranges from 0 to 8. A mail server considers a message with a PCL rating of 3 or lower to be free from phishing threats. A message with a rating of 4 or higher is considered a phishing message. Kaspersky Security can change the PCL rating of a message depending on the message scan results.
Information that can be used to identify a person, directly or indirectly.
A kind of online fraud aimed at obtaining unauthorized access to confidential data of users.
Collection of application settings that provide data protection against leakage. The policy defines the conditions on which users can handle confidential data, as well as actions that must be taken by the application when possible data leakage is detected.
The user's actions that are associated with a violation of the conditions. The application views an event as a policy violation if the user specified in the policy settings uploads to a SharePoint website or sends by email some data from a category prohibited by the policy.
A message that cannot be unambiguously considered spam, but has several spam attributes (e.g., certain types of mailings and advertising messages).
An object whose code contains a modified segment of code of a known threat, or an object resembling a threat in the way it behaves.
A set of settings applied simultaneously to several Security Servers.
A computer network service which allows users to make indirect requests to other network services. First, a user connects to a proxy server and requests a resource (e.g., a file) located on another server. Then the proxy server either connects to the specified server and obtains the resource from it or returns the resource from its own cache (if the proxy has its own cache). In some cases, a user's request or a server's response can be modified by the proxy server for certain purposes.
Spam Confidence Level is a special tag used by Microsoft Exchange mail servers to measure the spam probability of a message. The SCL rating can range from 0 (minim probability of spam) to 9 (the message is most probably spam). Kaspersky Security can change the SCL rating of a message depending on the message scan results.
An employee who is in charge of controlling compliance with the corporate security requirements, as well as monitoring and preventing data leakage.
Server component of Kaspersky Security. Scans email traffic for viruses and spam, updates databases, ensures application integrity, stores statistical information, and provides administrative tools for remote management and configuration.
Message body or simple attachment, for example, an executable file. See also container object.
Unsolicited mass e-mail, most often containing advertising messages.
Public lists of hyperlinks to the resources advertised by spam senders.
A data category designed for monitoring the sending of any data to the addresses of recipients specified in this category. The application monitors all email messages sent to the specified email addresses.
Anti-virus scanning of messages stored on an e-mail server and the content of public folders using the latest database version. Background scans can be launched either automatically (using a schedule) or manually. The scan involves all protected public folders and mailbox storages. Scanning may reveal new viruses that had not been included in the database during earlier scans.
It is type of application operation report. It contains information about the key performance indicators of the DLP Module.
Information organized in a table format that must be protected against leakage. Table data is processed in Kaspersky Security using CSV (Comma Separated Values) files.
A new virus that is not yet registered in the databases. The application usually detects unknown viruses in objects by means of the heuristic analyzer. Such objects are tagged as probably infected.
A function performed by a Kaspersky application that enables it to keep computer protection up-to-date. During the update, an application downloads updates for its databases and modules from Kaspersky's update servers and automatically installs and applies them.
Fragments of text with data, causes a policy violation. The violation context is required for making a decision of an incident.
A program that infects other ones by adding its code to them in order to gain control when infected files are run. This simple definition allows exposing the main action performed by any virus – infection.
Page top