
Skyhigh Security

Policy Templates for Compliance and DLP

NOTE: From the SSE 6.6.2 release, the Policy Templates that contain Data Identifiers (legacy DLP features) are available only to users who have already defined DLP policies using these templates. They will not be available to other users. Skyhigh recommends using classifications to define rules in your DLP policies. For details, see About Classifications.

This table lists the policy templates provided for Compliance and DLP.  

| Policy Name | Benchmark | Description |
|---|---|---|
| ABA Routing Numbers and Banking Keywords | | This API policy looks for valid ABA Routing Numbers in conjunction with banking-related keywords. It quarantines medium-severity violations and deletes high-severity violations. |
| Password Files | | This policy detects and quarantines password files and formats such as SAM, /etc/passwd, and /etc/shadow. |
| Document Classification | | This policy searches data for Confidential, Personal Information or Highly Restricted tags. Confidential data creates an incident, Personal Information is quarantined and Highly Restricted data is deleted per corporate policy. |
| Design Documents | | This policy detects various types of design documents at risk of exposure. |
| Confidential Documents | | This policy quarantines documents with confidential keywords in the metadata/header for a specific set of file types if they were shared. |
| Encrypted Data | | This policy detects the use of encryption by a variety of methods including S/MIME, PGP, GPG, and file password protection. |
| Financial Information | | This policy detects financial data and information, and quarantines high-severity incidents if specified keywords are found in the header/metadata. |
| M&A Activity | | This policy detects contracts and official documentation about Merger & Acquisition activity against defined keywords. The response to the incident is to quarantine the file. |
| PCI DSS | | The Payment Card Industry (PCI) Data Security Standard (DSS) is jointly determined by the major payment card companies (such as Visa, MasterCard, American Express, and Discover). This policy detects credit card data that, if exposed, could represent a violation of this standard. |
| PST Files | | This API policy is designed to delete PST files, which, according to enterprise policy, are not to be stored on cloud storage CSPs. |
| Sarbanes-Oxley | | The US Sarbanes-Oxley Act (SOX) imposes requirements on financial accounting, including the preservation of data integrity and the ability to create an audit trail. This policy detects and quarantines sensitive financial data. |
| SSH Private Keys | | This policy detects and quarantines SSH private key files. |
| US Social Security Numbers | | This policy looks for valid US Social Security Numbers (SSNs). It quarantines medium-severity violations and deletes high-severity violations. |
| Source Code | | This policy detects various types of source code at risk of exposure, including Java, C, VB and Perl source, as well as matching source code file extensions from Assembly to Visual Basic. An incident is created if a file extension match occurs, and if source code is discovered it is quarantined. |
| Resume Policy | | This policy is designed to prevent resume-related data from being sent to cloud providers. It looks for resume keywords in conjunction with a file type. |
| HIPAA and HITECH including PHI | | This policy strictly enforces the US HIPAA by searching for data concerning prescription drugs, diseases, and treatments in conjunction with PHI. This policy may also be used by organizations that are not subject to HIPAA but want to control PHI data. Any incidents are quarantined. |
| Contact Lists | | This policy flags contact-list-related data being sent to cloud providers. |
| AIP Confidential | | Finds all documents that were marked "Confidential" by Microsoft Advanced Information Protection. |
| Boldon James Confidential | | Detects files with the Boldon James tag "Confidential" (id_classification_confidential). |
| Caldicott Report | | The Caldicott Report (December 1997) was a review commissioned by the UK Chief Medical Officer to make recommendations to improve the way the National Health Service handles and protects patient information. The Caldicott Committee was set up to review the confidentiality and flows of data throughout the NHS for purposes other than direct care, medical research or where there is a statutory requirement for information. Its recommendations are now being put into practice throughout the NHS and in the Health Protection Agency. |
| Canadian Social Insurance Numbers | | This policy detects patterns indicating Canadian Social Insurance Numbers (SINs) at risk of exposure. |
| Credit Card Numbers | | This policy detects patterns indicating credit card numbers at risk of exposure. |
| Customer Data Protection | | This policy detects customer data at risk of exposure. |
| Data Protection Act 1998 | | The Data Protection Act 1998 (replacement of the Data Protection Act 1984) set standards which must be satisfied when obtaining, holding, using or disposing of personal data in the UK. The Data Protection Act 1998 covers anything with personally identifiable information (e.g. data about personal health, employment, occupational health, finance, suppliers, and contractors). |
| Defense Message System (DMS) GENSER Classification | | This policy detects information classified as confidential according to the guidelines established by the Defense Information Systems Agency for the Defense Message System (DMS) General Services (GENSER) message classifications, categories and markings. These standards outline how to mark classified and sensitive documents according to US standards, as well as providing interoperability with NATO countries and other US allies. |
| Employee Data Protection | | This policy detects employee data at risk of exposure. |
| Export Administration Regulations (EAR) | | The Export Administration Regulations (EAR) are enforced by the US Department of Commerce. These regulations primarily cover technologies and technical information with both commercial and military applications, also known as dual-use technologies (e.g., chemicals, satellites, software, computers, etc.). This policy detects violations based on countries and controlled technologies designated by the EAR. |
| FACTA 2003 (Red Flag Rules) | | This policy helps to address sections 114 and 315 (the Red Flag Rules) of the Fair and Accurate Credit Transactions Act of 2003. These rules specify that a financial institution or creditor that offers or maintains covered accounts must develop and implement a written Identity Theft Prevention Program that is designed to detect, prevent, and mitigate identity theft in connection with the opening of a covered account or any existing covered account. |
| General Data Protection Regulations (Banking and Finance) | | This template focuses on GDPR banking and finance related keywords, Data Identifiers and an EDM profile with related columns. The GDPR is a Regulation by which the European Commission intends to strengthen and unify data protection for individuals within the EU. It also addresses export of personal data outside the EU. The Commission's primary objectives of the GDPR are to give citizens back control of their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. |
| General Data Protection Regulations (Government Identification) | | This template focuses on government identification related keywords, Data Identifiers and an EDM profile with related columns. The GDPR is a Regulation by which the European Commission intends to strengthen and unify data protection for individuals within the EU. It also addresses export of personal data outside the EU. The Commission's primary objectives of the GDPR are to give citizens back control of their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. |
| General Data Protection Regulations (Healthcare and Insurance) | | This template focuses on healthcare and insurance related keywords, Data Identifiers and an EDM profile with related columns. The GDPR is a Regulation by which the European Commission intends to strengthen and unify data protection for individuals within the EU. It also addresses export of personal data outside the EU. The Commission's primary objectives of the GDPR are to give citizens back control of their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. |
| Gramm-Leach-Bliley | | The Gramm-Leach-Bliley (GLB) Act gives consumers the right to limit some sharing of their information by financial institutions. This policy detects transmittal of customer data. |
| Human Rights Act 1998 | | The Data Protection Act 1998 (replacement of the Data Protection Act 1984) set standards which must be satisfied when obtaining, holding, using or disposing of personal data in the UK. The Data Protection Act 1998 covers anything with personally identifiable information (e.g. data about personal health, employment, occupational health, finance, suppliers, and contractors). |
| Individual Taxpayer Identification Numbers (ITIN) | | An Individual Taxpayer Identification Number (ITIN) is a tax processing number issued by the US Internal Revenue Service (IRS). The IRS issues ITINs to track individuals who are not eligible to obtain a Social Security Number (SSN). |
| International Traffic in Arms Regulations (ITAR) | | The International Traffic in Arms Regulations (ITAR) are enforced by the US Department of State. Exporters of defense services or related technical data are required to register with the federal government and may need export licenses. This policy detects potential violations based on countries and controlled assets designated by the ITAR. |
| NASD Rule 2711 and NYSE Rules 351 and 472 | | NASD Rule 2711 and NYSE Rules 351 and 472 stipulate separation of investment banking from research and trading to ensure trust in the public markets. This template allows monitoring of the communications of research analysts when they are subject to these regulations. |
| NASD Rule 3010 and NYSE Rule 342 | | NASD Rule 3010 and NYSE Rule 342 require broker-dealers to supervise certain brokerage employees' communications. This policy allows monitoring of the communications of registered principals when they are subject to these regulations. |
| Network Diagrams | | This policy detects computer network diagrams at risk of exposure. |
| Network Security | | This policy detects evidence of hacking tools and attack planning. |
| Office of Foreign Assets | | The Office of Foreign Assets Control of the US Department of the Treasury administers and enforces economic and trade sanctions based on US foreign policy and national security goals against certain countries, individuals, and organizations. This policy detects communications involving these targeted groups. |
| OMB Memo 06-16 and FIPS 199 Regulations | | This policy detects information classified as confidential according to the guidelines established in the Federal Information Processing Standards (FIPS) Publication 199 from the National Institute of Standards and Technology (NIST). These security classifications were reinforced as the basis for compliance with memorandum 06-16 from the Office of Management and Budget (OMB). |
| Payment Card Industry Data Security Standard | | The Payment Card Industry (PCI) Data Security Standard (DSS) is jointly determined by the major payment card companies (such as Visa, MasterCard, American Express, and Discover). This comprehensive standard is intended to help organizations proactively protect customer account data. This policy detects credit card data that, if exposed, could represent a violation of this standard. |
| PIPEDA | | Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) protects personal information in the hands of private sector organizations and provides guidelines for the collection, use and disclosure of that information. This policy detects customer data protected by PIPEDA regulations. |
| Project Data | | This policy helps find discussions of sensitive projects. |
| Proprietary Media Files | | This policy detects various types of video and audio files that could be proprietary and intellectual property of your organization and at risk of exposure. |
| Publishing Documents | | This policy detects various types of publishing documents, such as FrameMaker files, at risk of exposure. |
| SEC Fair Disclosure Regulation | | The US SEC Selective Disclosure and Insider Trading Rules prohibit public companies from selectively divulging material information to analysts and institutional investors prior to its general release to the public. This policy detects data indicating disclosure of material financial information. |
| State Data Privacy | | Many states in the US have adopted statutes mandating data protection and public disclosure of information security breaches in which confidential data of individuals is compromised. This policy detects these breaches of confidentiality. |
| SWIFT Codes | | The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a cooperative organization under Belgian law and is owned by its member financial institutions. The SWIFT code (also known as a Bank Identifier Code, BIC, or ISO 9362) has a standard format to identify a bank, location, and the branch involved. These codes are used when transferring money between banks, particularly across international borders. |
| Titus Internal-Only | | Detects files with the Titus Labs tag "Internal Only". |
| UK Drivers Licence Numbers | | This policy detects UK Drivers Licence Numbers using the official specification of the UK Government Standards of the UK Cabinet Office. |
| UK Electoral Roll Numbers | | This policy detects UK Electoral Roll Numbers using the official specification of the UK Government Standards of the UK Cabinet Office. |
