Knowledgebase
Knowledgebase: English > Configuration Guide > DLP
Third party classification
Posted by Michael Skoupý, Last modified by Michael Skoupý on 06 August 2019 10:54 AM

Third-party classification allows Safetica to search the properties of Microsoft Office documents for a data classification applied to the document by another software.

Supported third party tools

Safetica is universally compatible with third party classification tools that store the classification information (tags) in the document properties. We have specifically confirmed compatibility with the following classification tools:

  • Microsoft Azure Information Protection
  • Boldon James
  • Titus
  • Tukan GREENmod

General configuration

While you can use the third party classification as a source of information for Safetica file tagging, it’s main purpose is to be used in Safetica Channel Control.

To configure this feature go to Safetica Console - DLP - Data category, click New data category and create new Existing classification (metadata) category. After that click Configure classification:


  • The Classification identifier filed is for specifying the classification type in general.
  • The Tag identifier field can be used for specifying the classification’s more specific parameter.

Tip: You can specify both fields, or leave one of them empty for a more general detection of classified documents.

  • The Regex checkbox is an optional setting for cases when you would like to search for regular expressions instead of a specific string.


Below are described several ways to obtain the
Classification identifier and Tag identifier values.

Configuration using sample documents

In case you have access to sample classified documents from your company, you can use them to find the classification identifiers. Simply open the document(s) in the Office suite Open File - Properties, and click Advanced properties.

Under the “Custom” tab you will find various properties - you will have to identify the one which is common for your classified files. Then, you simply copy its name (or a part of it) into the classification identifier field, and optionally its “value” into the tag identifier field.


Here are examples of the final configuration parameters:

Third party technology

Classification identifier

Tag identifier

Microsoft Azure Information Protection

0034f115-2835-4348-b421-de66a63e347f

Boldon James

DLPTRIGGER

[*{Internal}*]

Tukan GREENmod

TukanITGREENmodCATEGORY

RESTRICTED

In case of AIP classification, the tag identifier field may be left empty

Configuration using Azure Information Protection

If you’re using Azure Information Protection’s classification capabilities, you can easily obtain the required information from the Azure AD admin center at https://aad.portal.azure.com/

Once in the admin center, go to the section Azure Information Protection. There, in the Policies section you will find all existing policies:

Choose the policy you need detected by Safetica and open it. On the very bottom of the configuration window you will find your “Label ID”:

For Safetica to register your Azure AIP-labeled files, you will need to enter the following information into the Third Party Classification window:

Classification identifier

Tag identifier

What will Safetica detect

MSIP_Label_

All files classified by AIP, regardless of label ID

cf8068d2-8761-4163-baee-5442b203479c

Files classified by AIP as “Confidential”
(as per the example above)

In case of AIP classification, the tag identifier field may be left empty

(0 vote(s))
Helpful
Not helpful