Create a Classification

Use classifications in your Shadow/Web DLP Policies to identify sensitive data. A range of built-in classifications are provided for complying with various regulations, or you can create custom classifications, using criteria such as keywords, regular expressions, file type, and more.

Keyword validation looks for a predefined set of keywords within 200 characters (about 30-word) radius from a matched pattern.

1. Go to Policy > DLP Policies > Classifications. 
2. Click Actions > Create Classification. 
3. Classification Name. Enter a name for this classification. For example, Confidential Data 2. Enter an optional description to describe its use or purpose.
4. Category. Select a Category from the list. For this example, select Sensitive.
5. Conditions. For IF, for this example, select Keywords.
   The following Conditions are available:
   
   • Dictionary. Dictionaries are collections of related keywords and phrases such as profanity or medical terminology. Add a Skyhigh Security built-in dictionary or customize your own. Set a threshold to reduce false positives by editing the number. 
     TIP: Click the i icon to the right of a Skyhigh dictionary to view the keywords and phrases included in the dictionary. You can also click Usage to see if the selected dictionary is being used in other classifications.
   • Advanced Pattern. Advanced patterns are regular expressions or phrases used to match data, such as dates or credit card numbers. Select a Skyhigh built-in advanced pattern or customize your own. Set a threshold to reduce false positives by editing the number.
     TIP: Click the i icon to the right of a Skyhigh Advanced Pattern to view all its details. You can also click Usage to see if the selected Advanced Pattern is being used in other classifications.
   • True File Type. Specify the True File Type to determine which files to detect. For example, a CPP file saved as a TXT file can be detected using the True File Type classification criteria. Select from the Skyhigh Security built-in True File Types.
     TIP: Click the i icon to the right of a Skyhigh Security True File Type to view its details.
   • File Extension. File Extensions are supported file types you want to apply the classification criteria, such as MP3 and PDF. Select Skyhigh Security built-in file extensions or customize your own.
   • File Size. Specify the minimum or maximum size of the files you are interested in. Between allows you to define a range. Choose from:
     • is less than
     • is greater than
     • is between
   • Location in File. Select the section of the file to look for sensitive content; Header, Footer, Body or within the first characters. This option becomes available in the Classifications Editor when you select to use a Dictionary, Advanced Pattern, or Keyword as a definition type.
     • Microsoft Word documents - You can identify the header, body, and footer.
     • PowerPoint documents - WordArt is considered the Header. Everything else is identified as the Body.
     • Other documents - Only Body is applicable.
   • Keywords. Keywords specify a string value. You can add multiple keywords, separated by commas. Keywords are not reusable in other classifications. Enter keywords, separated by a comma. Any match will count as a detection. 
6. Enter the Keywords separated by commas: Confidential, Sensitive, Secret. 
   
7. Click AND to add more conditions as needed.
8. Click NEW RULE GROUP to add more conditions. Several conditions can be combined using Boolean logic. Boolean logic is supported through Rule Groups. All conditions in a group are logically combined with OR and AND operators. All conditions must match within the group. Multiple Rule Groups can be named, defined, and combined logically with OR and AND operators. This means any group within a policy must match the policy to be triggered.  
   

The Custom Classification is added to your Category. You may use it to create DLP Policies.