Knowledgebase
Metadata-based data classification
Posted by Michael Skoupý, Last modified by Michael Skoupý on 07 November 2019 03:28 PM

In Safetica 9.3+ you may choose to classify data using persistent metadata. 

Unlike NTFS tags, previously available for data classified by context rules, metadata classification is stored directly into files and stays embedded within them even when the files leave endpoints. 

Metadata classification is suitable for advanced use cases, when files leave protected endpoints (for example, to cloud storage) and then return to them, or when you want to detect and protect Safetica-classified files when they travel through network or cloud. 

Using metadata classification allows for better integration with third-party solutions, such as the FortiGate network appliance.

Limitations 

As of version 9.3, the following uses cases are supported: 

  • Classifying data downloaded from the web (e.g. the company intranet system) 
  • Classifying data exported from applications (e.g. the company’s CRM system) 
  • Classifying data stored in a specific location (e.g. the company’s shared network storage) 

Metadata-based data classification is currently not 100% on par with other Safetica data classification alternatives and the limitations include: 

  • The currently supported file types include only the most common Office document file types: .docx, .xlsx, .pptx, .pdf 
  • On-the-fly classification for data in transit is not yet supported 
  • DLP policy rules marked as "expert" (remote transfer, burning, network, local paths, exclusive access) will currently not work for files with metadata classification

The limitations will be gradually addressed in upcoming versions of Safetica. In the meantime, feel free to provide your feedback to [email protected]. 

How to check metadata classification 

You can check whether a file has embedded Safetica metadata classification as follows: 

Open the file in a relevant Microsoft Office application and go to File / Properties / Advanced Properties and you can find Safetica classification under the Custom tab: 

For PDF files, open the file in Adobe Acrobat Reader and go to File / Properties and you can find Safetica classification under the Custom tab: 

 How to remove metadata classification 

In case you want to remove metadata-based data classification from your files, you can use the standard Context tag removal feature available in the Safetica Management Console under DLP / Data categories. 

(1 vote(s))
Helpful
Not helpful