Information Technology

Last updated
Save as PDF

NOTE: Data Identifiers are legacy DLP features that will no longer be supported by the end of June 2025, it is recommended to use a classification-based approach for all your DLP use cases. To assist with migrating your DLP policies from Data Identifiers to Classification, refer to the Migration Guide.

Skyhigh CASB supports the following definitions, validation, and keyword information for Information Technology data identifiers.

NOTE: Skyhigh CASB regex includes an extra backslash to conform with JSON string structure. Naked regex would have only one backslash, but regex in strings requires the extra backslash to be escaped. For more information, see https://www.regular-expressions.info/java.html.

Data Identifier	Definition	Validation	Keyword
AWS Keys	AWS Access Keys are are long-term credentials for an IAM user or the AWS account root user. Access keys contain two parts: an access key ID (such as`AKIAIOSFODNN7EXAMPLE`) and a secret access key (such as `wJalrXUtnFEMI/K7MDENG/ bPxRfiCYEXAMPLEKEY`). You must use both the access key ID and secret access key together to authenticate requests.	(?<![A-Z0-9])[A-Z0-9]{20}(?![A-Z0-9])	access secret aws access aws secret access id secret id access key secret key aws access id aws secret id aws access key aws secret key aws_access_key_id aws_secret_access_key access key id secret access key
Email Address	An email address identifies an email box to which email messages are delivered. An email address such as John.Smith@example.com is made up of a local-part, an @ symbol, then a case-insensitive domain. Although the standard specifies the local part to be case-sensitive, in practice the mail system at example.com may treat John .Smith as equivalent to JohnSmith or even as johnsmith, and mail systems often limit their users' choice of name to a subset of the technically valid characters. In some cases they also limit which addresses it is possible to send mail to.	"(?i)(?:[a-z0-9!#$%&'+/=?^_`{\|}~-]+(?:\\.[a-z0-9!#$%&'+/=?^_`{\|}~-]+)\|\"(?:[\\x01-\\x08\\x0b\\x0c\\x0e-\\x1f\\x21\\x23-\\x5b\\x5d-\\x7f]\|\\\\[\\x01-\\x09\\x0b\\x0c\\x0e-\\x7f])\")@(?:(?:[a-z0-9](?:[a-z0-9-][a-z0-9])?\\.)+[a-z0-9](?:[a-z0-9-][a-z0-9])?\|\\[(?:(?:(2(5[0-5]\|[0-4][0-9])\|1[0-9][0-9]\|[1-9]?[0-9]))\\.){3}(?:(2(5[0-5]\|[0-4][0-9])\|1[0-9][0-9]\|[1-9]?[0-9])\|[a-z0-9-][a-z0-9]:(?:[\\x01-\\x08\\x0b\\x0c\\x0e-\\x1f\\x21-\\x5a\\x53-\\x7f]\|\\\\[\\x01-\\x09\\x0b\\x0c\\x0e-\\x7f])+)\\])", "(?i)mailTo:(?:[a-z0-9!#$%&'+/=?^_`{\|}~-]+(?:\\.[a-z0-9!#$%&'+/=?^_`{\|}~-]+)\|\"(?:[\\x01-\\x08\\x0b\\x0c\\x0e-\\x1f\\x21\\x23-\\x5b\\x5d-\\x7f]\|\\\\[\\x01-\\x09\\x0b\\x0c\\x0e-\\x7f])\")@(?:(?:[a-z0-9](?:[a-z0-9-][a-z0-9])?\\.)+[a-z0-9](?:[a-z0-9-][a-z0-9])?\|\\[(?:(?:(2(5[0-5]\|[0-4][0-9])\|1[0-9][0-9]\|[1-9]?[0-9]))\\.){3}(?:(2(5[0-5]\|[0-4][0-9])\|1[0-9][0-9]\|[1-9]?[0-9])\|[a-z0-9-][a-z0-9]:(?:[\\x01-\\x08\\x0b\\x0c\\x0e-\\x1f\\x21-\\x5a\\x53-\\x7f]\|\\\\[\\x01-\\x09\\x0b\\x0c\\x0e-\\x7f])+)\\])"	email address email id email
IP Address	A numerical label assigned to each device connected to an network that uses Internet Protocol	"\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3}", "\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3}/\\d{1,2}"	ipaddress
Password	This data identifier identifies customer passwords, with a minimum length of 8 characters, and a maximum of 20.	(?=[^ \n][A-Z]+)(?=[^ \n][a-z]+)(?=[^ \n][^A-Za-z0-9 \n]+)(?=[^ \n][0-9]+)\b[^ \n]{8,20}\n (?=.[a-z])(?=.[A-Z])(?=.\d)(?=.[@$!%?&])[A-Za-z\d@$!%?&]{8,}	password credentials pwd pass passw kennwort passwort schlüssel secret passphrase Contraseña Contrasena passe code d'accès clave 密码 [密碼] mìmǎ про́пуск шифр код haslo código senha palavra-passe