Create a File Property Data Pattern on Cloud Management

Launch the Cloud Management Console.
Select
Manage
Configuration
Security Services
Data Loss Prevention
Detection Methods
Data Patterns
.
Add Data Patterns
and select
File Property
.
You can also create a new file property data pattern by copying an existing file property data pattern. To copy a custom data pattern, select the data pattern name to view the data pattern details and copy ( ). You can then configure the file property data pattern you copied as needed.
Enter a descriptive
Data Pattern Name
.
(
Optional
) Enter a
Description
for the data pattern.
Define the file property data pattern.
Enterprise DLP
supports file property data patterns in MS Office and PDF documents and supports both the OLE (.doc/.ppt) and XML (.docx/.pptx) formats of MS Office.
Select the
File Property Type
.
Leave the
File Property Type
empty if you plan to use
keyword
as the file property
Name
. This is required to successfully match traffic against the
keyword
file property.
Enterprise DLP
supports the following file property types.
AIP Tags
—Microsoft Azure Information Protection (AIP) labels used to classify and protect documents and emails.
Only one AIP Tag entry is supported per data pattern. However, you can add up to 10 AIP Tag values to an AIP Tag entry using
;
as a separator. For example,
msip_label_defa4170-0d19-0005-000b-bc88714345d2_contentbits=10;
msip_label_defa4170-0d19-0005-000b-bc76701345f1_contentbits=10
.
Asset Name
—File name for files you want to prevent exfiltration.
Only one Asset Name entry is supported per data pattern. However, you can add up to 100 Asset Name values to an Asset Name entry using
;
as a separator. For example,
notes; billing-info;customer-data
.
Fully formed regex expressions are supported for the Asset Name value. Wildcards are not supported. For example,
(?i)(\W|^)(ssn|social|security\security|credit\card|phone|credit\card)(\W|$)
.
Author
—File owner first and last name in the asset metadata.
Only one Author entry is supported per data pattern. However, you can add up to 100 Author values to an Author entry using
;
as a separator. For example,
Bill Smith; john doe; leslieBarnes
.
The Author values are case and space insensitive.
The Author file property type is not supported for source code files.
File Extension
—Specify one or more file types supported by
Enterprise DLP
.
Only one File Extension entry is supported per data pattern. However, you can add up to 100 File Extension values to a File Extension entry using
;
as a separator. For example,
.pdf;.csv;.rtf
.
To scan files based on a specific file extension, the file extension must be included in the file name.
File SHA
—String of letters and numbers that represent a long checksum. Only SHA-256 are supported.
Only one File SHA entry is supported per data pattern. However, you can add up to 100 File SHA values to an File SHA entry using
;
as a separator. For example,
CA4D03E8F8A495AA671930184A04275E050D096B9E7E3CF693E0AB12898F3A46;5C4753EAE1F27F0D7EDB5F3245155F668BF5B86A8B3BB2D86F32C65692837F79
.
Extended Properties
—Unique
Advanced
properties added to Microsoft Suite (Word, Excel, PPT, PDF) file properties that are not the default
General
properties.
Multiple Extended Properties entries are supported per data pattern.
Custom
—Unique
Custom
properties added to Microsoft Suite (Word, Excel, PPT, PDF) file properties that are not the default
General
properties.
Multiple Custom entries are supported per data pattern.
Select the file property
Name
.
For files protected with AIP labels, you must enter the full AIP label
Name
that you want to take action on. This must be the
MSIP_Label_<GUID>_Enabled
label name.
Enter the file property
Value
.
(
Optional
)
Add File Property
to define additional file property patterns.

Save
the data pattern.
Create a data profile.
Create a Data Profile on Cloud Management
Create a Data Profile with Data Patterns and EDM Data Sets on Cloud Management
Create a Data Profile with Nested Data Profiles on Cloud Management