Posted by Ladislav Mlčák, Last modified by Štěpán Horký on 11 June 2019 01:31 PM
Data category types
In versions 8.3 and above, Safetica offers three alternative ways of setting up its DLP features and these depend on the main use case:
Note: Option C is only recommended to knowledgeable and experienced users, as it requires considerably longer deployment time and troubleshooting and a higher level of maintenance in the long term.
A. Data categorized by sensitive content
This approach is particularly suitable for regulatory compliance use cases, e.g. to address GDPR, HIPAA, PCI-DSS and similar regulations; or to detect specific keywords or expressions which are considered sensitive in an organization. It allows you to specify built-in dictionaries, pre-defined algorithms, keywords and regular expressions which will be searched for among company files. If Safetica DLP detects sensitive content in a file, you can enforce security policies on it.
Data categories defined by sensitive content also allow Safetica administrators to run discovery tasks, which can scan data on selected endpoints and provide reports of found files with sensitive content. In past versions, running content discovery tasks was possible through the legacy File Tagging feature (as documented here). For Safetica versions 8.3 and above we recommend using the new discovery tasks included under data categories.
B. Data categorized by existing classification
This approach assumes you have used a data classification solution which will complement Safetica's DLP policies. It is suitable for environments where data classification is enforced through employees, company processes or automated classification solutions. For each of your classification groups or labels we recommend creating a separate Safetica data category, and specify the classification's proper format. You can follow these instructions to correctly configure your classification's metadata format.
Note: As of version 8.3, DLP approaches A (sensitive content) and B (existing classification) have the following limitations:
The list of supported policies, applications and file types will be gradually updated in subsequent Safetica releases. If you find an important limitation, we encourage you to leave feedback so that it can be addressed in future releases.
C. Data categorized by context rules
This approach is suitable for special use cases with data which cannot be easily identified by content or existing data classification.
The expert context rules allow you to define data by:
The configuration of this approach is resource intensive, and the required effort to test, deploy, troubleshoot and maintain a context DLP increases significantly with the size of the environment and the complexity of security policies. Therefore we do not recommended using this as the primary approach to DLP, and rather have it cover only incomplete or atypical use cases.
Data categories priority
In Safetica 8, data categories used to be evaluated by priority. In Safetica 9 this is no longer the case and DLP policy order manages how priority is evaluated.