DLP Scanning
The Cloud Application Security product supports enhanced Data Loss Prevention (DLP) when operating in API Mode. DLP can be used to detect potential data leakage and data exfiltration, by scanning the content of files uploaded and modified within connected third-party cloud storage services. The DLP Scanning feature has a number of predefined dictionaries for ease of use, and also supports custom keyword patterns.
To enable DLP Scanning visit your USS Dashboard, and click Products ⟶ Cloud Application Security ⟶ DLP Scanning.
Ensure that the DLP Scanning: toggle is set to to reveal the available DLP Scanning options.
General
Personal Identifiable Information
Scan for various numbers that can be used to personally identify someone. The following table shows the numbers that are supported and the country formats recognised for each.
Passport numbers | Social Security numbers | ID Card numbers | Driving License numbers | Tax ID numbers | Health Insurance numbers |
China (mainland) | Austria | United Arab Emirates | Germany | Australia | Australia |
Germany | Canada | Albania | United Kingdom | Bulgaria | United Kingdom |
Finland | Cyprus | Belgium | Italy | Brazil | European Union |
France | Germany | Bulgaria | Korea | Spain | Korea |
United Kingdom | Spain | Brazil | International | ||
Hong Kong | France | Chile | Italy | ||
Ireland | Switzerland | China (mainland) | Peru | ||
Japan | United Kingdom | Czech Republic | Poland | ||
Korea | Greece | Germany | United States | ||
Macao | Hungary | Denmark | |||
Norway | Ireland | Estonia | |||
Japan | Finland | ||||
Korea | France | ||||
Luxembourg | Hong Kong | ||||
Netherlands | Croatia | ||||
Poland | Indonesia | ||||
Romania | Isreal | ||||
Russia | India | ||||
Taiwan | Iceland | ||||
United States | Italy | ||||
Kazakhstan | |||||
Lithuania | |||||
Latvia | |||||
Macao | |||||
Norway | |||||
Peru | |||||
Poland | |||||
Portugal | |||||
Sweden | |||||
Singapore | |||||
Thailand | |||||
Turkey | |||||
Taiwan | |||||
Yugoslavia | |||||
South Africa |
Include e-mail addresses
Scan content for valid email addresses (e.g. user@domain.com
)
Include IPv4 IP addresses
Scan content for IPv4 IP addresses (e.g. 192.168.0.1
)
Include IPv6 IP addresses
Scan content for IPv6 IP address formats (e.g. f06:0:0:0:0:0:0:c3
or ff06::c3
)
Include MAC addresses
Scan content for MAC addresses (e.g. 01:23:45:67:89:AB
or 12-34-56-78-9A-BC
)
Intellectual Property
Scan content against a dictionary of terms relating to intellectual property (e.g. "patent
")
Confidential Information
Scan content against a dictionary of terms relating to confidential material (e.g. "secret
", "confidential
")
Indicators of Insider Risk
Scan content against a dictionary of terms relating to insider risk (e.g. terms employees may use to indicate discontent or frustration)
PCI
Payment Card Industry (PCI)
Scan content for patterns used for PCI Compliance (e.g. credit card numbers, IBAN numbers, SWIFT codes). The following credit cards are supported:
Card name | Description |
Mastercard | Internationally recognised credit card |
Visa | Internationally recognised credit card |
American Express | The American Express Company, also known as AMEX |
JCB | Credit card company based in Tokyo, Japan |
Diners | Diners Club Card International (DCI), founded as Diners Club |
Discover | The Discover Card is a credit card, issued primarily in the United States |
MIR | Payment system established by the Central Bank of Russia |
Maestro | Multi-national debit card service, owned by Mastercard |
China UnionPay | China UnionPay, also known by its abbreviation CUP, is a Chinese financial services corporation |
Carte Blance | Carte Blance is a Diners Club cardraven |
Include credit card numbers with expiry
Scan content for credit card numbers with an associated expiry date (e.g. 01/19
)
IBAN patterns
Scan content for IBAN number formats (e.g. WBK60161331926819
)
Include postal addresses
Scan content for addresses and postal codes (US format only)
HIPAA
Health Insurance Portability & Accountability Act (HIPAA)
Scan content for patterns used for HIPAA Compliance (e.g. FDA-recognised prescription drugs).
Include ICD-9 dataset
The International Statistical Classification of Diseases and Related Health Problems (commonly known as the ICD) provides alpha-numeric codes to classify diseases and a wide variety of signs, symptoms, abnormal findings, complaints, social circumstances and external causes of injury or disease
Include ICD-10 dataset
The ICD-10-CM diagnosis classification system developed by the Centers for Disease Control and Prevention for use in all U.S. health care treatment settings. Diagnosis coding under this system uses a different number of digits and some other changes, but the format is very similar to ICD-9-CM.
Include FDA pharmaceutical companies
Scan content against a list of FDA-approved pharmaceutical company names
Keyword Lists
Select from any user-defined Keyword Lists to use.
The DLP Scanner will attempt to match any of the patterns in the Keyword List with the scanned content.
In the example below, the "Allergies" keyword list contains the pattern "peanut
".
Selecting this Keyword List for the DLP Scanner to use will ensure the keyword "peanut
" is detected in any uploaded or changed files.
Settings
Maximum Image Size
The maximum size a file can be, in megabytes, for it to be scanned. Events containing files over this size will be logged but not scanned. The maximum possible size for this setting is 100 Mb
.