Specify sensitive data types
Data types represent the sensitive data that
CylanceAVERT
will scan for. You can set data types in the information protection settings and customize them to fit your organization's needs. The search methods available for data types are keywords or regular expressions. - In the management console, on the menu bar, clickSettings > Information Protection.
- Click theData Typestab.
- ClickAdd Custom Data Type.You can also add predefined data types to your list, which will allow the data type to be used in an information protection policy. To add a predefined data type to a list, clickAdd Predefined Data Type, select the predefined data types that you want to add to your list, and clickAdd.
- On theAdd custom data typepage, add a name and description for the new data type.
- In theRegiondrop-down list, select the region the data type will be used for. For example, if you are going to check for a Canadian drivers license number, select Canada as the region.
- In theInformation typedrop-down menu, select the type of information that matches your data type. Values are custom, financial, health, and personal data.
- In theSearch methoddrop-down menu, select the search method that you want to use. Values are keywords, expression, or keyword dictionary. A keyword dictionary is a text file that specifies multiple keywords. To create a keyword dictionary, you must create a text file with each keyword written on a new line.
- Do any of the following:
- If you selectedKeywordsas your search method, enter the keywords that you want to scan for in theKeywordsfield. You can use commas to separate multiple keywords.
- SelectExact matchif you want to consider the file as sensitive if the keywords are exact matches. If this is selected, keywords will not be matched if they are part of a larger text string. For example, if you specify "confidential" as a keyword, "confidentiality" will not produce a match.
- SelectEnforce case sensitivityif you want to consider the file as sensitive if the case of the keywords are exact matches. If this is selected, text case is enforced. For example, if you specify "confidential" as a keyword, "CONFIDENTIAL" will not produce a match.
- If you selectedRegular Expression (RegEx)as your search method, enter the regular expression that you want to scan for in theRegexfield.If you are using a regex, note the following:
- The regex must conform to the .NET expression language.
- You can validate the regex using popular tools such as Regex101 or Regex Storm.
- If you selectedKeyword Dictionary, do the following:
- SelectExact matchif you want to consider the file as sensitive if the keywords are exact matches. If this is selected, keywords will not be matched if they are part of a larger text string. For example, if you specify "confidential" as a keyword in your keyword dictionary, "confidentiality" will not produce a match.
- SelectEnforce case sensitivityif you want to consider the file as sensitive if the case of the keywords are exact matches. If this is selected, text case is enforced. For example, if you specify "confidential" as a keyword in your keyword dictionary, "CONFIDENTIAL" will not produce a match.
- ClickUpload Keyword Dictionaryand select your keyword dictionary. You can only upload one keyword dictionary file per data type.
The following are limitations for a keyword dictionary:- The combined size of all keyword dictionaries on a tenant cannot exceed 1.5 MB.
- A single keyword in the keyword dictionary cannot exceed 1024 characters.
- The maximum number of keyword dictionary data entities on a tenant is 1000.
- ClickCreate.
- A custom data type can be deleted. To delete a custom data type, click in theactionscolumn. On the confirmation pop-up, clickDelete.You will receive aData type in usepop-up If the data type is used in a policy and you will not be able to delete it until it is removed.
- A predefined data type can be removed from your list but not deleted. To remove a predefined data type from your list click in theActionscolumn. On the confirmation pop-up, clickRemove. You can re-add a predefined data type to your list by clickingAdd Predefined Data Typeand selecting the data type from the list.You will receive aData type in usepop-up If the data type is used in a policy and you will not be able to delete it until it is removed.
- An existing keyword dictionary file can be downloaded. If an updated keyword dictionary is uploaded, the endpoint will be rescanned and the policies will be evaluated. Currently, existing events will remain evaluated from the previous datatype.