Create a DLP Policy

Overview

This guide provides instructions on creating and editing a Data Loss Prevention (DLP) policy. Define a new policy by specifying a name, description, and selecting a predefined data pattern. US-PII Data Pattern. Configure actions for detected data, review settings, and save the policy.


Creating a New DLP Policy

Click the Create New Policy button located in the top right of the screen to access the Create New Policy menu.

Enter a name and description for the policy, then click Next.

In the next step, select a data pattern from the list.

US - PII Data Pattern
US - Financial Data Patterns
Custom

  • US Social Security Number (SSN)

  • US Passport Number

  • US Driver’s License Number

  • US Taxpayer Identification Number (ITIN)

  • US Bank Account Number

  • Credit Card Number

  • US Taxpayer Identification Number (ITIN)

  • US Bank Account Number

  • Credit Card Number

  • Enter Regular Expressions

  • Max 5 regular expressions allowed. One expression per line.

  • For more information, click here.

In the Action section, select checkboxes to define the response when a match is found, then click Next.

This action will always populate to the Matches Log.

In the final section, review the information entered in Steps 1 and 2. To make edits, click Edit next to the relevant field or use the Back button to return to a previous step.

Once everything is correct, click Save Policy to save and activate the new policy.


FAQ

Q. How do I define a custom pattern for specific data types like a US Passport Number or SSN?

A. To create a custom DLP pattern, use regular expressions (regex) to match the specific format of the data you want to detect.

Example: US Passport Number

US passport numbers are 9-character alphanumeric codes (uppercase letters and numbers only). Use the following regex pattern to detect them:

\b[0-9A-Z]{9}\b

Explanation:

  • \b ensures the number is a separate word.

  • [0-9A-Z] matches any digit (0-9) or uppercase letter (A-Z).

  • {9} specifies exactly 9 characters.


Example: US Social Security Number (SSN)

US SSNs follow the XXX-XX-XXXX format. Use this regex pattern:

\d{3}-\d{2}-\d{4}

Explanation:

  • \d{3} matches three digits.

  • - matches the hyphen separator.

  • \d{2} matches two digits.

  • Another - matches the second hyphen.

  • \d{4} matches four digits.

You can test these patterns using tools like Rubular, which allows you to verify that your regex correctly identifies the intended data.

Last updated