Best practices for policy consolidation

CylanceAVERT has two policy compliance types that can be used in an information protection policy.
Regulatory compliance refers to a finite set of sensitive data that is used to protect sensitive information related to industry or government regulations. Regulatory data is data that does not change over time. The pre-defined data types in the CylanceAVERT settings are all regulatory and are provided to you by BlackBerry to accelerate and simplify product setup. You can create your own regulatory data types and templates for use in a policy that encapsulates all of the regulatory data that your organization requires. For example, instead of using the BlackBerry provided template, you can create a Canada Health regulatory policy that combines a Canadian SIN number, PHIN, health service number, driver's license, bank account number, and passport number in a single policy. CylanceAVERT will use regular expression or keyword matching to determine if a file contains relevant regulatory information as stated in the policy.
Organizational compliance refers to an infinite set of data, where the content and the people who can access the data differ from organization to organization and change constantly based on organizational situations. As a result, organizational compliance should be used to protect sensitive data that contains information on company IP or other information relevant to your organization.
Multiple policies can apply to the same sensitive file and conflict in the remediation action that they take when a sensitive file is discovered. In this case, CylanceAVERT will apply remediation reconciliation for these policies.
When policy collisions occur, CylanceAVERT will automatically apply reconciliation. The reconciliation action will differ if the file violates a regulatory policy, an organizational policy, or both. If a file is classified as only organizational, the least restrictive remediation action is taken. If a file is classified as regulatory, or as both regulatory and organizational, the most restrictive action is taken. For example, if a file is subject to an organizational policy that determines the file is sensitive if it contains 2 occurrences of the word “confidential”, and a second organizational policy that determines sensitivity based on 3 occurrences of the word, the file will be determined as sensitive for 3 occurrences (least restrictive). However, if one or both of these policies were regulatory, then the file would be sensitive with 2 occurrences (most restrictive).
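The following added example is a simplified model of the reconciliation rule described above, useful for checking which threshold will actually apply before you consolidate overlapping policies. It is not BlackBerry code or a CylanceAVERT API; the `Policy` class, its field names, and the sample text are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:
    name: str
    kind: str      # "regulatory" or "organizational"
    pattern: str   # regex or keyword the policy counts
    min_hits: int  # occurrences needed before the file is sensitive

def effective_threshold(colliding):
    """Reconcile policies that count the same pattern in the same file."""
    if not colliding:
        raise ValueError("no policies to reconcile")
    for p in colliding:
        if p.kind not in ("regulatory", "organizational"):
            raise ValueError(f"unknown policy kind: {p.kind!r}")
    hits = [p.min_hits for p in colliding]
    # Any regulatory policy in the collision: most restrictive (lowest count).
    if any(p.kind == "regulatory" for p in colliding):
        return min(hits)
    # Organizational only: least restrictive (highest count).
    return max(hits)

def audit(policies, text):
    """Return {pattern: (hits, threshold, sensitive)} for each pattern."""
    by_pattern = {}
    for p in policies:
        by_pattern.setdefault(p.pattern, []).append(p)
    report = {}
    for pattern, group in by_pattern.items():
        hits = len(re.findall(pattern, text, re.IGNORECASE))
        threshold = effective_threshold(group)
        report[pattern] = (hits, threshold, hits >= threshold)
    return report

# Constructed sample: the word "confidential" occurs exactly twice.
SAMPLE = "Confidential draft. Do not forward this confidential plan."
ORG_ONLY = [Policy("org-a", "organizational", r"\bconfidential\b", 2),
            Policy("org-b", "organizational", r"\bconfidential\b", 3)]
MIXED = [Policy("reg-a", "regulatory", r"\bconfidential\b", 2),
         Policy("org-b", "organizational", r"\bconfidential\b", 3)]

if __name__ == "__main__":
    print("organizational only:", audit(ORG_ONLY, SAMPLE))
    print("one regulatory:     ", audit(MIXED, SAMPLE))
```

With the same two-occurrence file, the organizational-only pair does not flag it, while replacing one policy with a regulatory one does.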