Metadata-based data classification
Posted by Michael Skoupý, Last modified by Michael Skoupý on 02 October 2019 02:02 PM

In Safetica 9.3+ you may choose to classify data using persistent metadata. 

Unlike NTFS tags, previously available for data classified by context rules, metadata classification is stored directly into files and stays embedded within them even when the files leave endpoints. 

Metadata classification is suitable for advanced use cases, when files leave protected endpoints (for example, to cloud storage) and then return to them, or when you want to detect and protect Safetica-classified files when they travel through network or cloud. 

Using metadata classification allows for better integration with third-party solutions, such as the FortiGate network appliance.


As of version 9.3, the following uses cases are supported: 

  • Classifying data downloaded from the web (e.g. the company intranet system) 
  • Classifying data exported from applications (e.g. the company’s CRM system) 
  • Classifying data stored in a specific location (e.g. the company’s shared network storage) 

Metadata-based data classification is currently not 100% on par with other Safetica data classification alternatives and the limitations include: 

  • The currently supported file types include only the most common Office document file types: .docx, .xlsx, .pptx, .pdf 
  • On-the-fly classification for data in transit is not yet supported 
  • DLP restrictions applied to files with metadata classification may not work 100% identically to NTFS context tag restrictions 

The limitations will be gradually addressed in upcoming versions of Safetica. In the meantime, feel free to provide your feedback to [email protected]. 

(0 vote(s))
Not helpful