Detect confidential documents with PII and allow internal shares only

Overview:

The purpose of this example is to:

  • Create a classification rule that detects confidential documents using a group of personally identifiable information (PII) patterns.
  • Tag the documents with attributes that specify if they are marked confidential.
  • Create a DLP rule that allows only internal sharing of documents tagged as confidential, but allows external sharing of documents not tagged as confidential.


Configuration Steps:


1. Create Metadata Set

  • Log in to the FileCloud Admin portal, and in the navigation panel, click Metadata, then click Add Metadata Set.



  • Create a metadata set named Confidential Documents with the attribute Confidential of type text.
  • Choose the Users/Groups that can see this metadata and provide them with read permission.

2. Create the PII Regex Patterns Group

  • In the navigation panel, click Settings, then click the Content Search tab.
  • Check Enable PII Search.

  • Add a PII pattern for your confidential information.

Edit the new PII search pattern, and set Regex to the confidential statement to detect inside your documents, for example, "(This is a confidential document, For internal use only)". Note that the statement must be enclosed in parentheses ().

If you have multiple statements to detect in your document, you can use (statement1) | (statement2) | (statement3). In this example, you are also adding the pre-defined patterns with personally identifiable information shown in the screenshots below.


a. Confidential Statement Pattern:


b. European Debit Card number Pattern:


c. France National ID Pattern:


d. France Passport Number Pattern:



Add the different patterns into a pattern group:


3. Create the Smart Classification Rule


  • Log in to the FileCloud Admin portal, and in the navigation panel, click Smart Classification.
  • Add a new classification rule.



  • Make sure to specify the exact name of the metadata set, along with the attribute name and PII Regex pattern. In the Add Rule dialog box, enter the following into Definition:

    {
      "classifier": "Default",
      "precondition": "true",
      "condition": "count(_classifications) > 0",
      "matchaction": {
        "Confidential Documents": {
          "Confidential": "Yes"
        }
      },
      "defaultaction": {
        "Confidential Documents": {
          "Confidential": "No"
        }
      },
      "parameters": {
        "SEARCH_PATTERN_GROUPS": [
          "Confidential Info"
        ]
      }
    }



4. Create the Smart DLP Rule

  • Log in to the FileCloud Admin portal. In the navigation panel, click Smart DLP.
  • Add a new DLP rule.
  • For documents that are confidential, the rule checks for metadata attribute "Confidential" = "Yes" and allows sharing with only domain "codelathe.com".
  • For documents that are non-confidential, the rule checks for metadata attribute "Confidential" = "No" and allows sharing with all domains.




5. Upload documents to FileCloud's user portal

  • Log in to the FileCloud user portal.
  • Upload multiple documents to My Files or to a Team Folder. Some of the files should contain confidential information.
  • The classification rule will detect documents that contain confidential information and set the attribute "Confidential" to "Yes".
  • The classification rule will detect documents that do not contain confidential information and set the attribute "Confidential" to "No".

    Content of uploaded document with confidential statement in it:




6. Test the Smart DLP rule

  • Log in to the FileCloud user portal and share a file that contains confidential information.
  • Confirm that sharing is only allowed with users from the domain "codelathe.com".
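
A local model of the outcomes the steps above should produce, useful as a test matrix for step 6. This is an added example, not FileCloud code: it assumes Python's re module stands in for FileCloud's regex engine, models only the confidential statement pattern (not the predefined PII patterns), and uses constructed documents and recipients.

```python
import re

# Assumption: Python's re stands in for FileCloud's regex engine; only the
# confidential-statement pattern from step 2 is modelled here.
PATTERN_GROUP = {  # mirrors the "Confidential Info" pattern group
    "Confidential Statement":
        r"(This is a confidential document, For internal use only)",
}
INTERNAL_DOMAIN = "codelathe.com"  # the domain allowed in step 4


def classify(text):
    """Step 3: count(_classifications) > 0 -> Confidential=Yes, else No."""
    hits = [name for name, rx in PATTERN_GROUP.items() if re.search(rx, text)]
    return {"Confidential Documents": {"Confidential": "Yes" if hits else "No"}}


def share_allowed(metadata, recipient):
    """Step 4: confidential files may go only to the internal domain."""
    if metadata["Confidential Documents"]["Confidential"] == "No":
        return True
    if "@" not in recipient:
        return False
    # Compare the exact domain after the last '@', so a domain that merely
    # contains the internal name is not treated as internal.
    domain = recipient.rsplit("@", 1)[-1].strip().lower()
    return domain == INTERNAL_DOMAIN


def expected_matrix(docs, recipients):
    """Expected allow/deny result for each (document, recipient) pair."""
    return {(name, rcpt): share_allowed(classify(text), rcpt)
            for name, text in docs.items() for rcpt in recipients}


# Constructed sample documents and recipients for the step 6 test.
DOCS = {
    "plan.txt": "Q3 plan. This is a confidential document, For internal use only",
    "menu.txt": "Cafeteria menu for the week.",
}
RECIPIENTS = ["alice@codelathe.com", "bob@example.org",
              "eve@codelathe.com.example.org"]

if __name__ == "__main__":
    for (doc, rcpt), ok in expected_matrix(DOCS, RECIPIENTS).items():
        print(f"{doc:10} -> {rcpt:32} {'ALLOW' if ok else 'DENY'}")
```

Compare each row with what the user portal actually does when you attempt the same share; any mismatch points to a pattern, metadata, or DLP rule that needs review.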