Manage Data Classifications
The Data Loss Prevention (DLP) policy monitors or blocks content based on the rules configured for the policy. The rules use data identifiers and data classifications, which describe the type of data to be monitored or blocked. The file and form types supported by the DLP policy are listed here.
Data identifiers describe the content the Data Loss Prevention Policy monitors or blocks. Data identifiers can describe Personal Information Identifiers (PII) that may identify an individual, such as financial account numbers, medical records, passport or government identification numbers, or credit card numbers. Data identifiers can also describe certain content an organization may wish to monitor or block within its network traffic, such as discriminatory or aggressive content. Umbrella provides a collection of built-in data identifiers (see Built-in Data Identifiers and Individual Data Identifiers), and you can create custom identifiers based on the built-in data identifiers (see Copy and Customize a Data Identifier).
Data classifications are groups of data identifiers combined for the purpose of monitoring or blocking closely related content. For example, you can create a data classification that encompasses medically related content by including the built-in identifiers for ICD codes, drug names, prescription names, health conditions, and national drug code names. The classification, when applied to a rule in the Data Loss Prevention Policy, will monitor or block content matching those identifiers.
There are three ways to establish a data classification to apply to a data loss prevention rule:
- You can create a custom data classification entirely of your own design. (See Create a Data Classification.)
- You can create a custom data classification based on a built-in data classification provided by the system. (See Copy and Customize a Built-In Data Classification ).
- You can apply a built-in data classification provided by the system.
The system provides four different built-in data classifications. You can apply these directly to your DLP rules or copy them and customize the copies to create your own data classifications. Each of the built-in data classifications has a different set of built-in data identifiers associated with it. The four pre-defined data classifications are described in Built-In Data Classifications.
View Content Categories in Reports < Manage Data Classifications > Create a Data Classification
Updated about 3 hours ago