Skip to main content
Skyhigh Security

Create a Classification

Use classifications in your Shadow/Web DLP Policies to identify sensitive data. A range of built-in classifications are provided for complying with various regulations, or you can create custom classifications, using criteria such as keywords, regular expressions, file type, and more.

Keyword validation looks for a predefined set of keywords within 200 characters (about 30-word) radius from a matched pattern.

  1. In Skyhigh CASB go to Policy > DLP Policies > Classifications
  2. Click Actions > Create Classification
  3. Classification Name. Enter a name for this classification. For example, Confidential Data 2. Enter an optional description to describe its use or purpose.
  4. Category. Select a Category from the list. For this example, select Sensitive.
  5. Conditions. For IF, for this example, select Keywords.
    The following Conditions are available:
    • Dictionary. Dictionaries are collections of related keywords and phrases such as profanity or medical terminology. Add a Skyhigh Security built-in dictionary or customize your own. Set a threshold to reduce false positives by editing the number. 
      TIP: Click the i icon to the right of a Skyhigh dictionary to view the keywords and phrases included in the dictionary. You can also click Usage to see if the selected dictionary is being used in other classifications.
    • Advanced Pattern. Advanced patterns are regular expressions or phrases used to match data, such as dates or credit card numbers. Select a Skyhigh built-in advanced pattern or customize your own. Set a threshold to reduce false positives by editing the number.
      TIP: Click the i icon to the right of a Skyhigh Advanced Pattern to view all its details. You can also click Usage to see if the selected Advanced Pattern is being used in other classifications.
    • True File Type. Specify the True File Type to determine which files to detect. For example, a CPP file saved as a TXT file can be detected using the True File Type classification criteria. Select from the Skyhigh Security built-in True File Types.
      TIP: Click the i icon to the right of a Skyhigh Security True File Type to view its details.
    • File ExtensionFile Extensions are supported file types you want to apply the classification criteria, such as MP3 and PDF. Select Skyhigh Security built-in file extensions or customize your own.
    • File Size. Specify the minimum or maximum size of the files you are interested in. Between allows you to define a range. Choose from:
      • is less than
      • is greater than
      • is between
    • Location in File. Select the section of the file to look for sensitive content; Header, Footer, Body or within the first characters. This option becomes available in the Classifications Editor when you select to use a Dictionary, Advanced Pattern, or Keyword as a definition type.
      • Microsoft Word documents - You can identify the header, body, and footer.
      • PowerPoint documents - WordArt is considered the Header. Everything else is identified as the Body.
      • Other documents - Only Body is applicable.
    • Keywords. Keywords specify a string value. You can add multiple keywords, separated by commas. Keywords are not reusable in other classifications. Enter keywords, separated by a comma. Any match will count as a detection. 
  6. Enter the Keywords separated by commas: Confidential, Sensitive, Secret
    classifications_create_keywords.png
  7. Add more classification conditions as needed and click Save.

The Custom Classification is added to your Category. You may use it to create DLP Policies. 

  • Was this article helpful?