Advanced File Encryption Types Use Case
Use Case 1: Detect Password-Protected Microsoft Word Documents
Imagine you have shared Q4 financial record documents, including Microsoft Word files, with several board members of your organization. Some of these files are password-protected, while others are not. You want to ensure that the password-protected files are classified and monitored to prevent data leaks.
To achieve this, you can create a classification rule using the File Encryption Types condition and apply DLP policies to trigger alerts, enforce access controls, or initiate additional security measures to protect these files.
To apply the Classification rule for this use case, see Create a Classification Rule.
Classification Engine Action: The Classification engine scans the Q4 financial record documents and identifies them as Microsoft Word files. It also detects which files are protected with password encryption based on its classification rules. This allows you to effectively monitor and safeguard the sensitive information contained within these documents.
Use Case 2: Detect Password-Protected Microsoft Word Documents in a Non-Encrypted Archive
Suppose an HR manager has placed multiple Word document files in a non-encrypted archive folder. These documents include Employee Handbooks, Performance Evaluations, Employment Contracts, and other related materials. Some of these files are encrypted or password-protected. The HR manager intends to share this archived folder with the executive HR team across the global organization for updates and management. At the same time, the HR manager wants to classify and monitor the password-protected files within the non-encrypted archive to prevent data leaks.
To achieve this, the HR manager can create a classification rule using the File Encryption Types condition and apply DLP policies to trigger alerts, enforce access controls, or initiate additional security measures to protect the archive's files.
Create a Classification Rule. For both of the above use cases, create a classification rule as follows:
- Create your classification using the File Encryption condition as provided in steps 1 to 5 in the Create a Classification using File Encryption Type section.
- Conditions. For IF, select True File Type as Word Processing File. (Microsoft Word is found under the Word Processing File keywords.)
- Click AND and select File Encryption as Password protected archive or document from the list.
- Click Done.
- To save your classification, click Save.
Classification Engine Action: The Classification engine scans the documents within the non-encrypted archives and detects one or more Microsoft Word documents encrypted with password protection based on its classification rules. This ensures that the HR manager can effectively monitor and protect sensitive documents while facilitating collaboration with the global HR team.
Use Case 3: Detect Files and File Extensions in an Encrypted Archive
Imagine you have an encrypted ZIP file named Sensitive_Documents.zip. This ZIP file contains several documents, including:
- Report.doc (a financial report)
- Meeting_Notes.docx (notes from a confidential meeting)
You want to ensure that the files within the encrypted archive are classified and monitored to prevent data leaks.
To achieve this, you can create a classification rule using the File Encryption Types condition and apply DLP policies to trigger alerts, enforce access controls, or initiate additional security measures to protect the files and content of the archive.
Create a classification rule as follows:
- Create your classification using the File Encryption condition as provided in steps 1 to 5 in the Create a Classification using File Encryption Type section.
- Conditions. For IF, select File Encryption as Password protected archive or document from the list.
- Click AND and select File Extension as Microsoft Word and Other Word Processing Documents from the list.
- Click Done.
- To save your classification, click Save.
Classification Engine Action: The Classification engine scans the Sensitive_Documents.zip file and detects that the archive is encrypted. Despite the encryption, the engine analyzes the contents of the archive to identify file types and extensions. Upon inspection, the engine finds files with the .doc and .docx file extensions inside the archive. This allows you to effectively monitor and safeguard the sensitive information contained within these archives.
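The following added example (not the Classification engine's own code) illustrates why file names and extensions can be read from a password-protected ZIP in Use Case 3: in the standard ZIP format, each encrypted entry is marked by bit 0 of its general-purpose flag, while the central directory that lists the file names stays readable. The function names `build_sample`, `classify`, and `rule_matches` are hypothetical, and the sample archive is constructed by setting that flag on a plain archive rather than by real encryption.

```python
import io
import struct
import zipfile
from pathlib import PurePosixPath

ENCRYPTED_FLAG = 0x0001        # general-purpose flag bit 0: entry data is encrypted
CDIR_SIG = b"PK\x01\x02"       # central directory file header signature
WORD_EXTENSIONS = {".doc", ".docx"}


def build_sample(names, encrypted):
    """Constructed sample archive. The payloads are not really encrypted; only
    the per-entry 'encrypted' flag is set, which is what a scanner reads."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(zipfile.ZipInfo(name), b"placeholder")
    data = bytearray(buf.getvalue())
    pos = data.find(CDIR_SIG) if encrypted else -1
    while pos != -1:
        # The flag field sits 8 bytes into each central directory header.
        (flags,) = struct.unpack_from("<H", data, pos + 8)
        struct.pack_into("<H", data, pos + 8, flags | ENCRYPTED_FLAG)
        pos = data.find(CDIR_SIG, pos + 4)
    return bytes(data)


def classify(data):
    """Return (password_protected, Word extensions found) without any password."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        entries = zf.infolist()   # names come from the unencrypted central directory
    protected = any(e.flag_bits & ENCRYPTED_FLAG for e in entries)
    extensions = {PurePosixPath(e.filename).suffix.lower() for e in entries}
    return protected, sorted(extensions & WORD_EXTENSIONS)


def rule_matches(data):
    """Use Case 3 rule: File Encryption AND File Extension (Word documents)."""
    protected, word_exts = classify(data)
    return protected and bool(word_exts)


if __name__ == "__main__":
    sample = build_sample(["Report.doc", "Meeting_Notes.docx"], encrypted=True)
    print(classify(sample), rule_matches(sample))
```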
Use Case 4: Detect Encrypted Archive Type
Suppose you have a password-protected ZIP archive whose table of contents is also secured, meaning that even the names of the files inside cannot be viewed without entering the password. For example, the encrypted ZIP file is named Confidential_Documents.zip, and it contains several sensitive documents, including:
- Financial_Report.docx
- Client_Contracts.pdf
- Project_Plan.pptx
You want to ensure that encrypted archive types are classified and monitored to prevent data breaches. To achieve this, you can create a classification rule using the File Encryption Types condition and apply DLP policies to trigger alerts, enforce access controls, or initiate additional security measures to protect the encrypted archive type.
Create a classification rule as follows:
- Create your classification using the File Encryption condition as provided in steps 1 to 5 in the Create a Classification using File Encryption Type section.
- Conditions. For IF, select True File Type as Archives and Compressed Files from the list.
- Click AND and select File Encryption as Password protected archive or document from the list.
- Click Done.
- To save your classification, click Save.
Classification Engine Action: When the Classification engine scans the Confidential_Documents.zip file, it recognizes that the archive is password protected. However, because the table of contents is also protected, the engine cannot access or analyze the individual files within the archive. The engine will flag the ZIP file as a password-protected archive based on its classification rules, but it cannot provide any details about the contents or the specific files it contains.
NOTE: The Classification engine can detect encrypted archives of the supported archive types, including 7-Zip, ZIP, RAR, and B1.