Creating Data Leak Prevention Rules
Only administrators with DLP privileges are able to create, modify, and delete DLP rules.
DLP DOWNLOAD rules may affect file preview functionality, which requires the previewed file to be downloaded to the browser or client application.
To create and edit DLP rules, follow the steps below:
- Access FileCloud's Admin portal > Governance > Smart DLP
- To create a new rule, click Add DLP Rule.
The Create Rule dialog box opens.
- Fill in the fields.
- Rule Name: A name that identifies the DLP rule.
- Affected User Actions: User actions that trigger the DLP rule (DOWNLOAD, SHARE, or LOGIN).
- Rule Expression: Criteria for triggering the DLP rule. A minimum of one expression is required in order to create a DLP rule.
You can either use the Rule Expression Builder to help you construct a rule expression or type it in manually using the Rule Expression Text Editor.
For help using the Rule Expression Builder, see Create a rule with the rule expression builder, below.
See a list of Rule Expressions.
- DLP Action: Allow or Deny the user action when the rule expression is triggered.
- DLP Mode: Whether the action is prevented when a rule is violated. Regardless of the mode, the system creates an audit log.
Options are:
- Enforce - (Default) The action will be prevented.
- Permissive - The action will not be prevented.
- Rule Notification: Message displayed to users when a rule is violated. Does not apply to log-in rules.
The following HTML tags are supported: <a>, <br>, and <p>. Only full URLs (those beginning with http:// or https://) can be rendered.
- Click Create.
The rule appears in the DLP Rules table.
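As an added example (not FileCloud's own code), the following Python pre-check covers the Rule Notification field described above: it flags tags other than <a>, <br>, and <p>, and links that do not begin with http:// or https://. The function names and sample messages are constructed for illustration, and matching the URL prefix case-sensitively is an assumption.

```python
from html.parser import HTMLParser

SUPPORTED_TAGS = {"a", "br", "p"}            # tags the page lists as supported
FULL_URL_PREFIXES = ("http://", "https://")  # only these URLs are rendered


class NotificationLinter(HTMLParser):
    """Collects markup in a Rule Notification that falls outside the documented limits."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.problems = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag names and also routes <br/> through here.
        if tag not in SUPPORTED_TAGS:
            self.problems.append(f"unsupported tag <{tag}>")
            return
        if tag == "a":
            href = dict(attrs).get("href")
            if not href:
                self.problems.append("<a> without href")
            # Assumption: strict, case-sensitive prefix match, mirroring the page's wording.
            elif not href.startswith(FULL_URL_PREFIXES):
                self.problems.append(f"href is not a full URL: {href!r}")


def lint_notification(message):
    """Return a list of problems; an empty list means the message passes."""
    linter = NotificationLinter()
    linter.feed(message)
    linter.close()
    return linter.problems


# Constructed sample messages (not taken from any real deployment).
SAMPLES = {
    "ok": '<p>Download blocked by policy.<br>'
          'See <a href="https://intranet.example.com/dlp">the DLP policy</a>.</p>',
    "relative_link": '<p>See <a href="/policies/dlp">the policy</a>.</p>',
    "extra_markup": '<p><b>Blocked.</b> '
                    '<a href="mailto:sec@example.com">Contact security</a></p>',
}

if __name__ == "__main__":
    for name, message in SAMPLES.items():
        print(name, lint_notification(message) or "passes")
```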
Create a rule with the rule expression builder
The Rule Expression Builder helps you ensure that your rules have the right parameters and correct formatting. The first example demonstrates how to use the expression builder to create a simple single-condition rule. The second example shows how to create a more complex rule that contains several conditions.
If the Rule Expression is not valid, an error will be thrown.
DLP crawlers run on all daily cron jobs and remove shares that violate any SHARE ENFORCE rules.