Predefined data classifications, policies, and destinations groups in Safetica

Learn about predefined data classifications for detecting sensitive data, best-practice and example policies for easier data protection, and predefined destination groups that facilitate categorizing destinations as untrusted or safe.

Every new Safetica environment starts with a set of predefined templates that you can use, enable/disable, modify, or delete as needed. Available are templates for:

 

Predefined data classifications

In the Data classification section, you will find the following predefined data classifications. All except the Executables and scripts classification are enabled by default and are used in predefined policies:

  • Executables or scripts (disabled by default) – Detects executables and scripts based on file types.
  • Existing classification – Detects files classified via MIP labels and by Boldon James.
  • Finance: PCI DSS – Payment Card Industry Data Security Standard. Detects credit card numbers and credit card security codes based on keywords and predefined algorithms.
  • Healthcare – Detects files that contain selected healthcare identifiers (insurance and security numbers) and terms.
  • High volumes of sensitive data – Detects files with high volumes of sensitive data (healthcare terms, IBANs, credit card numbers, email addresses, IP addresses), which may be sensitive lists or exports.
  • Personal: CCPA – California Consumer Privacy Act data classification (USA).
  • Personal: GDPR – General Data Protection Regulation (EU).
  • Personal: LGPD – General Data Protection Law (Brazil).
  • Personal: PIPEDA – Personal Information Protection and Electronic Documents Act (Canada)
  • Source code – Detects source code files based on file types and keywords.
  • TLP-restricted – Detects sensitive files classified by the Traffic Light Protocol.

 

Predefined policies

In the Policies section, you will find predefined data, application, website, external device, and auditing policies. Most of them are disabled by default, only the following core best-practice policies are enabled. Please modify or disable them if necessary:

  • Data policies: Best practice: Log all outgoing sensitive data as incident. Most of the predefined data policies are also linked to predefined data classifications described above.
  • Application policies: Best practice: Block dangerous apps.
  • Website policies: Best practice: Block dangerous websites.
  • External device policies: None – all predefined external device policies are disabled by default.
  • Auditing policies: Best practice: Audit all.

 

There are 2 types of predefined policies:

  • Example policies – scenarios that answer specific use cases, such as how to make an exemption for a specific team (e.g. give team leaders the option to override blocking policies) or how to protect sensitive data from being transferred to external storage devices. The names of these policies begin with the Example prefix.
  • Best practice policies – Safetica recommendations to enhance data security in a company, such as blocking the use of dangerous applications and visits to dangerous websites or recording all outgoing sensitive data as incidents. The names of these policies begin with the Best practice prefix. 

 

Predefined destination groups

In the Data destination section, you will find predefined destination groups. You can click each group to see its details and the specific destinations it contains.

In untrusted destinations, you will find:

  • Personal non-company external devices – prepared for the admin to add non-company devices used by their users.
  • AI tools – websites that use artificial intelligence algorithms to perform specific tasks, such as chat.openai.com or canva.com.
  • AWS – websites related to Amazon cloud computing services.
  • Azure – websites related to Azure cloud computing services.
  • Converters & online tools – websites that enable file type conversions, untrusted search engines, dictionaries, etc.
  • File sharing – websites that enable file uploads and downloads.
  • Free email services – domains of free email providers.
  • Google Cloud – websites related to Google cloud computing services.
  • Google Workspace – websites related to the suite of online tools from Google, such Google Sheets, Google Drive, Google Docs, etc.
  • Social networks – websites related to social media, such as Facebook, Instagram, LinkedIn, Pinterest, Reddit, etc.
  • Web-based instant messengers – websites related to services such as Google Chat, Discord, ICQ, Line, Signal, Skype, Telegram, Snapchat, etc.

 

In trusted destinations, you will find:

  • Microsoft 365 – websites related to Microsoft 365 apps, such as OneDrive, OneNote, SharePoint, Outlook, etc.
  • Internal – prepared for the admin to add internal company destinations.
  • Company Git repositories – prepared for the admin to add company-owned Git repositories.
  • Development – prepared for the admin to add development-related destinations that are considered safe by the company.
  • Marketing – prepared for the admin to add marketing-related destinations that are considered safe by the company.