Seeking Solutions to Prevent DLP Issues with Adobe Cloud Services

Question

Hello everyone,I'm reaching out to gather insights on how to enhance our Data Loss Prevention (DLP) measures regarding Adobe Cloud services in our organization. We’ve noticed that employees can create private Adobe accounts and log into Adobe applications (like Acrobat) with these accounts, allowing them to export sensitive files to the cloud. This poses a significant risk as we cannot manage these private accounts like our domain-based accounts.I’m looking for effective strategies to address this issue. Here are a few ideas I’ve considered:Restricting Logins: Is there a way to restrict access to Adobe applications so that only accounts tied to our company domain can log in?Disabling Uploads: Can we disable the functionality that allows uploading files to non-domain based accounts?User Education: Implementing training programs to educate employees about DLP policies and the risks associated with using personal accounts for work-related tasks.Monitoring and Reporting: Setting up monitoring systems to detect any unauthorized access or uploads to Adobe Cloud from private accounts.Group Policies: Utilizing group policies to enforce restrictions on the applications and services that can be accessed from company devices.I would appreciate any guidance or suggestions on how to implement these solutions or any additional ideas you might have. Thank you for your help!Best regards

sprinklr-integration-user · Accepted Answer

Hi there,

Thank you for reaching out with your concerns about Data Loss Prevention (DLP) for Adobe Cloud services. Here are a few recommended strategies and resources that may help you strengthen your DLP protocols:

Restricting Logins: You can configure the Adobe Admin Console to enforce Single Sign-On (SSO), allowing only company domain-based accounts to access Adobe applications. This ensures only approved accounts are used on company devices. Adobe's Federated ID and Enterprise ID structures provide additional control to block personal Adobe IDs from logging in. For more details, refer to Adobe's documentation on setting up SSO.

Disabling Cloud File Uploads: Adobe provides options to restrict cloud storage usage. By using Admin Console policies, you can limit or disable Creative Cloud file syncing, which helps control file exports from within Adobe apps. Disabling specific services within the apps using these tools can reduce upload options for users on private accounts.

For more information, check out these articles:

Monitoring and Reporting: Adobe’s auditing and logging features enable tracking of user activity within Adobe apps, including logins and file transfers. This can provide crucial insights for identifying and preventing unauthorized actions. Further information on configuring audit logs can be found here.

Group Policies and Restrictions: You can leverage Group Policy settings to manage Adobe application installations and control cloud-syncing functions. Restricting access to the Adobe Creative Cloud Desktop app on company devices can also help enforce application-level DLP policies effectively.

Please feel free to reach out if you have more questions.

Regards,
^AN

kglad · Answer

in the future, to find the best place to post your message, use the list here, https://community.adobe.com/

p.s. i don't think the adobe website, and forums in particular, are easy to navigate, so don't spend a lot of time searching that forum list. do your best and we'll move the post (like this one has already been moved) if it helps you get responses.

<"moved from download & install">

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded