: Predefined Data Patterns on Data Security
Focus
Focus

Predefined Data Patterns on Data Security

Table of Contents

Predefined Data Patterns on
Data Security

Learn about how
Data Security
categorizes predefined data patterns.
Use one of the following topics:
See About Enterprise DLP if you have purchased Enterprise DLP or opted in for a trial.

Data Security
Data Patterns—SaaS Security DLP (Classic)

Data Security
provides predefined data patterns that enable you to discover sensitive content and uncover how that content is being shared or accessed in your managed cloud applications. The service automatically scans your cloud applications when you Add Cloud Apps to Data Security using predefined data patterns, classifies all documents, and checks hash on all Microsoft Office documents, PDF, and portable executable files against WildFire rules without requiring you to create any policies.
As the service displays incidents that match the predefined data patterns, you can explore and filter the results to determine if the content that the service reported poses a risk to your organization. Then, you can do any of the following to prevent future violations:
Data Security
categorizes predefined data patterns as follows:
Content Category
Scans for
Intellectual Property
Scans files for RSA and AWS secret keys and confidential documents that are at risk of being stored or shared in a way that could result in a loss of intellectual property.
You can specify
File Extensions to Exclude
. Excluding files that are unlikely to have intellectual property information that is public and not at risk of being exposed or shared in non-compliant ways helps minimize false positives.
Personally Identifiable Information (PII)
Scans for PII data, such as U.S., Canadian, and international social security numbers. It also scans for Tax IDs from the U.S., Australia, Canada, Germany, and the UK for both the Unique Tax Payer ID, (UTR) and National Insurance Number (NINO) formats.
For each type of PII that
Data Security
scans for, you can specify the minimum number of occurrences required to trigger a match. As the number of violations for a specific asset exceeds the specified threshold, the severity of the risk increases.
Financial Information
Scans for financial data including credit card numbers, credit card magnetic stripe data, international bank account numbers, financial accounting, bank statements, personal finance, invoices, and other financial documents. By default,
Data Security
performs strict checking on credit card numbers to reduce false positives.
Healthcare Information
Scans healthcare documents for exposure to sensitive or confidential information, related to Clinical Laboratory Improvement Amendments (CLIA) number, Drug Enforcement Administration (DEA) number, and other healthcare documents.
Data Security
uses machine learning algorithms to classify information and to detect sensitive information.
Legal Information
Scans legal documents for exposure to sensitive or confidential information related to bankruptcy filings, lawsuits, business agreements, mergers and acquisition information, patents, and other legal documents.
Data Security
uses machine learning algorithms to classify information and to detect sensitive information.
Malware
Scans files using WildFire Analysis to detect and protect against malicious portable executables (PEs), Microsoft Office Files, Adobe Portable Document Format (PDF) files, and known threats based on file hash.
A hash is a unique fingerprint of a file. It is string of letters and digits that is generated as a result of running a file through a cryptographic hash function.
By default,
Data Security
automatically submits portable executable files to the WildFire service for analysis (
Windows executables
).

Data Security
Data Profiles

Data Security
provides predefined data profiles, which include predefined data patterns, that enable you to discover sensitive content and how that content is being shared or accessed in your managed cloud applications. Predefined data patterns use either machine learning or regex based detection for scanned files. The service automatically scans your cloud applications when you Add Cloud Apps to Data Security using predefined data patterns, classifies all documents, and checks hash on all Microsoft Office documents, PDF, and portable executable files against WildFire rules without requiring you to create any policies.
The predefined data patterns and data profiles that come with DLP (Data Loss Prevention) work automatically: you don't enable, configure, or create data policies to use them, unless you want to open incidents. After your end users upload files that include social security numbers or credit card numbers, for example, and
Data Security
scans theses assets,
Data Security
evaluates, identifies, then exposes those assets. These tools are built into
Data Security
—they’re automatically provisioned and protect your data.
  • SaaS Security with Enterprise DLP—
    SaaS Security regularly releases new data patterns and data profiles. Although the screen shots that include a data profile or data pattern count might not be up to date, the comparison table includes an accurate count.
  • SaaS Security DLP—
    Screen shots that include a data profile or data pattern count might not be up to date. SaaS Security regularly releases new data patterns and data profiles. See the comparison table for current information.
SaaS Security with Enterprise DLP provides you exclusive access to predefined data patterns and data profiles. SaaS Security web interface displays all predefined data patterns and data profiles irrespective of your having SaaS Security with Enterprise DLP, and uses a lock icon to highlight data patterns and data profiles that require the license.
As the service displays incidents that match the predefined data patterns, you can explore and filter the results to determine if the content that the service reported poses a risk to your organization. Then, you can do any of the following to prevent future violations:
Data Security
categorizes predefined data patterns as follows:
Predefined Data Profile Name
SaaS Security with Enterprise DLP Required?
Description
Bulk CCN
Yes
Detects and scans for Credit card numbers or Voyager credit card numbers more than or equal to 100.
CCPA (California Consumer Privacy Act)
Yes
Scans for Bank - American Bankers Association Routing Number, Bank - International Bank Account Number, Driver License - US, Address - US, Tax Id - US - TIN, Credit Card Number, Magnetic Stripe Information, Passport - US, Address - US, National Id - US Social Security Number - SSN.
Commonwealth of Australia - The Privacy Act 1988
Yes
Detects medical conditions or diseases, and lifestyle keywords that relate to medical conditions when found with PII data such as TFN and Passport.
Corporate Financial Docs
Yes
Detects Financial accounting and generic financial information.
Financial Information
No
Scans for Bank statements, bank routing number, credit card numbers (strict checking), bankruptcy filing, international bank account number, invoices, magnetic stripe information, and Committee on Uniform Securities identification procedure number.
GDPR (General Data Protection Regulation)
Yes
Scans for GDPR- Driver's License, Tax ID, National ID, and Passport.
GLBA (Gramm-Leach-Bliley Act)
Yes
Scans for Credit card number, Voyager credit card, magnetic stripe information, Tax Id - US - TIN, and National Id - US Social Security Number - SSN.
Healthcare
No
Detects Clinical Laboratory Improvement Amendments (CLIA) number, Drug Enforcement Administration (DEA) number, and other healthcare documents.
HIPAA
Yes
Scans for National Id - US, Social Security Number - SSN, US - Name, Date of Birth, Medical Condition, Address - US.
Identifies medical conditions or diseases, impairments listed under social security for the purposes of disability evaluation, and lifestyle keywords that relate to medical conditions.
Intellectual Property
Yes
Detects content that includes Source code, AWS secret key, access key, and company confidential.
Legal
Yes
Detects Legal documents, including lawsuits, M&A, standard business agreements, patents, and bankruptcy filings.
Malware
No
Detects malware in Microsoft Office documents, PDF, and portable executable files, and known threats against WildFire. The verdict is based on a hash, which is a unique fingerprint of a file.
PHI (Personal Health Information)
No
Detects content that includes Medical codes: ICD-9, ICD-10, NPI codes, Clinical Laboratory Improvement Amendments (CLIA) number, Drug Enforcement Administration (DEA) number, and more.
PHIPA
Yes
Identifies medical conditions or diseases and lifestyle keywords that relate to medical conditions. Detects if Healthcare ID is present with other medical or PII data.
PIPEDA
Yes
Detects highly sensitive information such as SIN, Passport, CCN exist with other PII or PCI.
PII (Personally-Identifiable Information)
Yes
Detects content that includes Tax ID, National ID, Passport, Driver’s License, and License plate numbers.
Profanity
Yes
Detects censored, blasphemous, personal, homophobic, racial, and sexual content.
Secrets and Credentials
No
Detects content that includes Cloud database credentials, Application credentials, API access tokens, Private keys, and miscellaneous secret keys.
Self Harm
Yes
Detects Self Harm - Suicidal content
Sensitive content
Yes
Detects content that includes National ID, Bank information, AWS Secret key or access key, company confidential, CCN.
SOX
Yes
Identifies financial content such as invoice, personal finance, financial accounting.
U.K. PIOCP
No
Detects content that includes Tax ID or National ID.

Recommended For You