Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Create a Classification using Dictionary

  1. Last updated
  2. Save as PDF

Dictionaries are collections of related keywords and phrases such as profanity or medical terminology. Creating Skyhigh Built-In Dictionary or Custom Dictionary with keywords allows you to classify your sensitive data. Sensitive data is compared to the dictionary entries and ranked according to a score, meaning the number of times the sensitive keywords need to appear in the content for the rule to be triggered.

The Classifications editor includes several Skyhigh Built-In dictionaries with terms commonly used in health, banking, finance, and other industries. You can also create your dictionaries or export built-in dictionaries to edit them to suit your organization's needs. Additionally, you can also set a score for the threshold in your classification to minimize the occurrence of false positives.

Create Skyhigh Security Built-in Dictionary

To create a dictionary using a built-in dictionary:

  1. Log In to Skyhigh CASB.
  2. Go to Policy > DLP Policies > Classifications.
  3. Click Actions > Create Classification
    • Classification Name. Enter a name for this classification. For example, My UK PII Dictionary. Enter an optional description to describe its use or purpose.
    • Category. Select a Category from the list. For this example, select PII.
    • Conditions. Click Select Criteria and select Dictionary. The Select Dictionaries cloud card displays.
  4. Search for and select one or more built-in dictionaries you want to start from. For example, select UK PII Keywords (Skyhigh), Admission Discharge (Skyhigh), and Australian PII Keywords (Skyhigh).

NOTE: You can select any number of Skyhigh Built-In dictionaries from the Select Dictionaries cloud card, but only the first 10 Built-In dictionaries are displayed on the Classification editor.

clipboard_efc642a038718119fa148afffefa99c41.png

  1. Click New to add a custom dictionary based on an existing Skyhigh Built-In Dictionary. For details, see Create a Custom Dictionary using Skyhigh Built-In Dictionary.
  2. Click i to view the Keywords for the selected Dictionary displayed on the second side panel. You can also click Usage to see if the selected Dictionary is being used in other classifications.
  3. Click the three-dot menu to:
    • Clone. Clone the Skyhigh built-in dictionary.
    • Export. Export the selected dictionaries with associated keywords and details (such as Case sensitive, Starts with, Ends with, and score) into a CSV file.

NOTE: You cannot edit the Skyhigh built-in dictionaries, including the associated keywords and advanced settings options such as Case sensitive, Starts with, Ends with, and Score. However, you can create a custom classification by either cloning the dictionaries and edit keywords and advanced setting options, or exporting the dictionaries into a CSV file and importing them.

clipboard_e27497714a9095d31922e03e50ecbf242.png

  1. To close the side panel, click X.
  2. Click Done.
  3. The selected Dictionary is now added to the Classification editor. Optionally, you can edit the threshold by clicking [1]. Enter a number to indicate the weight of the Dictionary in threshold matching.
    clipboard_e2af8c6a60bf1f6c957800149008d1b66.png
  4. Add more classification conditions as needed and click Save.

Your new classification with Skyhigh Built-In Dictionary is saved to the selected category in the Classifications list. Add the classification to your data protection policies as needed.​​​​​​

Create Custom Dictionary using Skyhigh Built-In Dictionary

Create a custom dictionary using Skyhigh Built-In dictionary to meet your data protection needs. For example, if you need to protect sensitive personal information and want to use the Skyhigh PII Keywords dictionary as your basis, but you want to add terms to suit your organizational needs.

Perform the initial steps of creating your dictionary classification as provided in steps 1 to 4 in the Create Skyhigh Security Built-In Dictionary section. 

  1. Click New. Enter a name and optional description for the dictionary.
    clipboard_e66cdefcfccaae3ec7d5ead71d20086cc.png
  2. To enter keywords into the dictionary:
    • Click the Add keyword to manually enter words or phrases. 
    • Click the three- dot menu for these options:
      • Import.csv. Import the keywords you want to add to this dictionary from a CSV file.  For details, see Import Keywords from CSV.
      • Advanced Settings. Advanced settings are flags that give more information to the DLP scanning engine. Define a keyword as Case-sensitive, Starts with, Ends with, and add a threshold Score to weight individual entries. Scores can be between negative or positive, -99 to 999. The higher the number, the greater the weight is given to the keyword, which will exceed the threshold and trigger an incident. 
        clipboard_e0f12fc9dedd09b54d5fa36fa80ceaf6b.png
    • Click Save. The custom dictionary My UK PII Keywords is added to the dictionary list. Select both the existing Skyhigh Built-In Dictionary and Custom Dictionary list to add to the Classification editor. 
      clipboard_e8b9cea54f09e2349a93f567c5a898e79.png
  3. Add more classification conditions as needed and click Save.

Your custom classification with the Custom Dictionary and Skyhigh Built-In Dictionary is saved to the selected category in the Classifications list. Add the classification to your data protection policies as needed.

Skyhigh Built-In Dictionary Use Cases

Count each match string only one time feature

Suppose you have a Confidential Data document with multiple instances of the keyword Confidential. However, if you want to trigger matches for duplicate counts, you can activate the Count each match string only one time checkbox. During the policy evaluation, the match will count only once, even if multiple instances of the keyword Confidential are found in the document. To find this option on UI, see Count each match string only one time.
clipboard_e6b1ee70ec3565c0de636144483c89691.png

Match all Keywords in Skyhigh's Built-In Dictionary List

  1. Create a classification using Skyhigh's built-in dictionary. Perform the initial steps of creating your dictionary classification as provided in steps 1 to 4 in the Create Skyhigh Security Built-In Dictionary section. 
  2. Click i to view the Keywords for the selected Built-In Dictionary displayed on the second side panel. Count the number of keywords in the selected Skyhigh Built-In dictionary set. For example, the number of keywords found is 20.
    clipboard_e73c7484512e7a0a6c6f5186f6399cf0c.png
  3. To match all keywords in the Skyhigh Built-In Dictionary list, set the match threshold on the Classification editor equal to the number of items found in the dictionary list. For example, set the threshold as 20.
  4. To avoid counting duplicate matched keywords multiple times, enable the checkbox Count each match string only one time and save your classification.
    clipboard_e2321b79fa488044c412eb633a69e3107.png

Set the Threshold for the number of Keyword Matches in Skyhigh's Built-In Dictionary

  1. Create a classification using Skyhigh's Built-In dictionary. Perform the initial steps of creating your dictionary classification as provided in steps 1 to 10 in the Create Skyhigh Built-In Dictionary section. 
  2. Select your Skyhigh Built-In Dictionary. For example, Confidential Data and click i to view the number of keywords associated with it. You will find that there are more than 40 confidential terms listed in the keyword list. But you need only 20 random keywords from that dictionary to match and trigger an incident.
    Skyhigh.png
  3. To set the threshold as 20, add your dictionary to the Classification editor. Edit the threshold by clicking [1] and enter 20 to indicate the weight of the Dictionary in threshold matching and save your classification.
    clipboard_efcf11e5784e21451008626f53aee640d.png

Skyhigh Built-In Dictionary and Custom Dictionary Use Case

Create Complex Matching Rules using Boolean Logic and Set Thresholds for Dictionaries

Boolean logic combines several complex rules or conditions through Rule Groups. These groups combine all conditions using OR and AND operators. You can create complex matching rules by combining Skyhigh Built-In or Custom keyword lists using OR and AND operators. All conditions within a group must match for the group to be triggered. Multiple Rule Groups can be defined and combined using OR and AND operators, allowing users to set different thresholds for each Dictionary definition. This means any group within a policy must match the policy to be triggered.

To create complex matching rules and set thresholds for dictionary definitions:

  1. Create a classification by selecting any of or all of Skyhigh Built-In Dictionaries or Custom Dictionaries.
    clipboard_eeabe76feb941e960e4a7175cc28898e3.png
  2. Click Rule Group 2 to edit the desired name for your rule group. Set different thresholds for each Built-In or Custom Dictionary list by clicking [1]. Enter a number to indicate the weight of the Dictionary in threshold matching.
    clipboard_e49ea1e015b503dc1217c4aa419bde8c8.png
  3. Click AND to add more dictionary conditions to your Rule Group. 
    clipboard_ecb48b085840c85f794bc80d1048528f9.png
  4. Click NEW RULE GROUP to add a new dictionary condition combined with the OR operator and save your classification.
    clipboard_ea4310e773ccd32e9b5fee5ffe3971fe7.png
  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    1. UCE