Skip to main content
Skyhigh Security

About Classifications

To protect sensitive data, start by identifying the data to be protected and categorize the data using classifications. Data protection rules apply the classification criteria and other definitions to protect sensitive data from leaving your organization.

Skyhigh Security provides range of built-in classifications for common requirements, and you can use them to comply with required regulations. You can also create custom classifications to suit your organization's needs. Both built-in and customized classifications are consistent and can be used across your data protection policies. Create and manage classifications with the unified Classifications editor.

The Classifications editor displays the list of built-in classifications and user-defined custom classifications. Classifications are categorized into logical groups. For example, the Healthcare category includes classifications for detecting possible HIPAA violations, and more. Built-in classifications include, among others, classifications for detecting personal identifiable information (PII), with classifications specific to different countries. You can use built-in classifications as is in data protection policies, or you can customize new classifications.

NOTE: For users with Trellix DLP Endpoint, you can also enforce consistent classifications for DLP Endpoint and cloud policies. 

Classify your data

You can identify sensitive data with text patterns using regular expressions, dictionaries, and keywords. They can also specify file conditions such as the true file type, file extension, file size, or location in the file.

Methods to define classification criteria include:

  • Advanced patterns — Regular expressions or phrases, used to match patterns such as social security numbers or credit card numbers. Advanced patterns are ranked according to a score, meaning, the number of times the sensitive expressions need to appear in the content for the rule to be triggered. The Classifications editor includes several built-in advanced patterns for ensuring compliance with government regulations and simplifying the detection of personal information. You can also create your own advanced patterns.
  • Dictionaries — Collections of related keywords and phrases, such as profanity or medical terminology. Sensitive data is compared to the dictionary entries and ranked according to a score, meaning the number of times the sensitive keywords need to appear in the content for the rule to be triggered. The Classifications editor includes several built-in dictionaries with terms commonly used in health, banking, finance, and other industries. You can also create your own dictionaries or export built-in dictionaries to edit them to suit your organization's needs.
  • Keywords — A string value that defines sensitive data. You can add multiple keywords for content classifications. Keywords are not consistent across classifications. If you need to use consistent keywords across classifications, use a dictionary.
  • File size — The size of the file to detect sensitive data. You can also define a file size range.
  • True file types — True file types determine which files to identify the sensitive data. True file types detect attachment violations when file extensions are renamed and sent as attachments. For example, if a .cpp file is saved as a .txt file, true file type classification can detect it.
  • File extension - The file types, such as MP3 and PDF.
  • Location in file - The section of the file to look for sensitive content; Header, Footer, Body or within the first characters.
    • Microsoft Word documents - You can identify the header, body, and footer.
    • PowerPoint documents - WordArt is considered the Header. Everything else is identified as the Body.
    • Other documents - Only Body is applicable.
  • Was this article helpful?