Filetypes Supported in Content Policies
DLP policies in Cisco Cloudlock monitor the content of files in the environment. Filetypes supported are listed below followed by any exceptions.
Supported Filetypes
Filetype | Mimetype |
---|---|
csv (Comma Separated Values) | text/comma-seperated-values |
doc (Microsoft Word '97+) | application/msword |
docx (Microsoft Word 2007+) | application/vnd.openxmlformats-officedocument-wordprocessingml.document |
eml (RFC822 Email File) | message/rfc822 |
html (Hyper Text Markup Language) | text/html |
OpenDocument Text | application/vnd.oasis.opendocument.text |
OpenDocument presentation | application/vnd.oasis.opendocument.presentation |
OpenDocument spreadsheet | application/vnd.oasis.opendocument.spreadsheet |
pdf (Portable Document Format) | application/pdf |
ppt (Microsoft Powerpoint '97+) | application/nvd.ms-powerpoint |
pptx (Microsoft Powerpoint 2007+) | application/vnd.openxmlformats-officedocument.presentationml.presentation |
rtf (Rich Text File) | application/rtf, text/rtf |
tsv (Tab Separated Values) | text/tab-seperated-values |
txt (Text) | text/plain |
url (Uniform Resource Locator) | text/url |
xls (Microsoft Excel '97+) | application/vnd.ms-excel |
xlsx (Microsoft Excel 2007+) | application/vnd.openxmlformats-officedocument.spreadsheetml.sheet |
zip (Zip Archives) | application/zip |
Exceptions
Attachments- Salesforce and ServiceNow
When a file is attached to a field or other object, it is uploaded and stored in the platform and at that point becomes subject to monitoring by relevant policies.
Spreadsheets
Cloudlock examines the first 1000 rows and 1000 columns, and a maximum of 100,000 total cells in a single spreadsheet document. Blank cells are still counted as data and the value is "null." Content is matched only if it appears in its entirety within a single cell.
PDFs
Cloudlock supports scanning of pdf for content and context only when digitally created. Pdfs that are typically scanned in via a scanner which creates an "image" of the document can only be monitored for exposure and file name.
Zip Files
Only up to 100 of the files within a zip file are scanned and only up to 5MB TOTAL of the zip file's contents are scanned. Cloudlock supports up to 10 levles of zip file nesting (a zip within a zip within a zip). Zip files are currently only supported in DLP policies.
RFC822 Email Files
Attachments are not supported.
Google Docs
In the Google platform, native Google Docs do not have "filetypes" per se (they have no filename extensions, for example), but they are monitored by Cloudlock. Only objects stored in Google Drive are monitored by Cloudlock; GMail attachments that are not stored in Google Drive — like any other file or document stored outside Drive — are not monitored.
Google Sites
Currently, Cloudlock supports Classic and New Sites through context only policies. For example: when permissions for the site changes (i.e. editing rights) the policy will flag as an incident. Exposure is not detected through publishing, however.
General
Individual files larger than 15MB are not examined.
Updated about 1 year ago