Detect documents with US Social Security Number and allow sharing only with specific domains

Overview:

The purpose of this example is to create a classification rule that detects and tags documents with US Social Security Numbers, and then create a DLP rule to prevent sharing the tagged documents with email addresses other than those using your company domain. For documents that do not contain US Social Security Numbers, sharing is allowed with all domains.

Configuration Steps:

1. Create Metadata Set

  • In the navigation pane, click Metadata, then click Add Metadata Set.  



  • Create a metadata set with the attribute Detection of type text.
  • Choose the Users/Groups that can see this metadata and provide read permission.



2. Create US Social Number regex pattern

  • In the navigation panel, click Settings, then click the Content Search tab.
  • Check Enable PII Search.

  • Add a PII pattern for US Social Number.



3. Create Smart Classification Rule

  • Log in to the FileCloud Admin portal, and in the navigation panel, click Smart Classification.
  • Add a new classification rule



  • Make sure to specify the exact name of the metadata along with attribute name and PII Regex pattern. In the Add Rule dialog box, enter the following into Definition:

    {
    "classifier": "Default",
    "precondition": "true",
    "condition": "count(_classifications) > 0",
    "matchaction": {
    "US Social Number": {
    "Detection": "Yes"
    }
    },
    "defaultaction": {
    "US Social Number": {
    "Detection": "No"
    }
    },
    "parameters": {
    "SEARCH_PATTERN_NAMES": [
    "U.S. Social Security Number (SSN)"
    ]
    }
    }


4. Create Smart DLP Rule

  • Log in to the FileCloud Admin portal. In the navigation panel, click Smart DLP.
  • Add a new DLP rule
  • For Documents that contain US Social Number, the rule will check for metadata attributes "Detection" = "Yes" and allow sharing with only domain "codelathe.com"
  • For Documents that do not contain US Social Number, the rule will check for metadata attributes "Detection" = "No" and allow sharing with all domains.



5-Upload documents to Filecloud's User interface

  • Log in to the FileCloud user portal.
  • Upload multiple documents to My Files or to a Team Folder. Some of the files should contain US Social Number examples.
  • The classification rule will detect document that contains US Social Numbers and tag them with the attribute "Detection" = "Yes".
  • The documents that do not contain US Social Numbers will be tagged with "Detection" = "No".


6-Test Smart DLP rule

  • Log in to the FileCloud User Portal.
  • Share a file that contains US Social Number 
  • Confirm that sharing is only allowed only with users from the domain "codelathe.com"