Data Loss Prevention

  • 1.  Endpoint Detection - list of numbers

    Posted Feb 08, 2017 09:56 AM

    I'm looking for the best method to upload 100 numbers for detection.  The number format is 123456-12345, the first half will be static numbers but the second half of that will be adaptive but always 5 digits.

    I have set a test policy with one number to test, currently just using content matches regular expression : (123456-[0-9]{5}).  This works and is creating incidents as I would like, but what is the best way to do this with 100 numbers?

     

    Thanks 

    Jay



  • 2.  RE: Endpoint Detection - list of numbers

    Posted Feb 08, 2017 02:49 PM

    Thanks for the help. Two questions based on your comment.  If I go with your option B, list all numbers in as DCM policy:

    1. Would that impact performance in any way, having all those numbers?

    2. Can I still use the format/wildcards I am currently using for each of the numbers? Or is there a way to apply that second half to all the numbers? Such as ((123456,134679,195739)-[0-9]{5})

     



  • 3.  RE: Endpoint Detection - list of numbers
    Best Answer

    Posted Feb 08, 2017 03:34 PM

    [A] If I understand this requirement, there are going to be 100 different/separate static numbers which you need to detect, I suppose. Like you have set up at present, you could add those regex patterns in DLP. However, this is almost unheard of, and most data types are already present in DLP if this is some standard data type you are trying to work with.

    example: (123456-[0-9]{5})

    (234567-[0-9]{5})

    (345678-[0-9]{5})..and so on...

    If not, then I suppose apart from (a) RegEx, the only other two options are (b) keyword based (list all numbers in/as a DCM policy) or (c) EDM (however, this is a good option only if the detection is NOT going to be applied on the Endpoint channel, though the latest versions of the product work decently with EDM on EP).

    [B] However, if I'm totally off the path in understanding the main requirement and all you have is one static pattern and 100 numbers in total, then regex is the best path forward.



  • 4.  RE: Endpoint Detection - list of numbers

    Posted Feb 08, 2017 03:47 PM

    100 as a count in itself is not that high in my opinion. I've seen four-figure object counts (1xxx at least) in DCMs running perfectly fine. However, some caution needs to be exercised with wildcards. Wildcards generally cause performance issues, no matter which product we use, right? So this needs to be carefully tested/assessed before implementing.

    I was thinking why not create a new/custom 'Pattern' and list all those regex(s) in it? Are there any issues doing that? Since to me it sounds like the best option for your requirement.



  • 5.  RE: Endpoint Detection - list of numbers

    Posted Feb 08, 2017 04:19 PM

    Understood, thanks for the input again!

    As for creating a new/custom pattern, no reason other than I have not done that yet, so will have to learn the process...



  • 6.  RE: Endpoint Detection - list of numbers
    Best Answer

    Trusted Advisor
    Posted Feb 09, 2017 07:06 AM

    Hello,

    You may also create a data identifier, especially if you want to manage uniqueness in the number of matched patterns.

     

    Regards



  • 7.  RE: Endpoint Detection - list of numbers

    Posted Feb 09, 2017 10:04 AM

    Thanks Stephane... Creating a data identifier would require use of regex, correct?



  • 8.  RE: Endpoint Detection - list of numbers

    Trusted Advisor
    Posted Feb 09, 2017 10:31 AM

    Yes, regex will be used to define patterns (you can set more than one for the same DI) and you could also add a validator on numbers in your pattern.

    Compared with regexp only, this will allow you to set a threshold and require that you get unique values. This will avoid false positives where you get the same number X times.
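
The following is an added example, not part of the thread and not the DLP product's own matching engine: an offline Python harness for checking a combined pattern and a unique-match threshold against sample text before building the policy. It assumes standard regex alternation (`|`) for the prefix list; the function names, the three prefixes standing in for the full list of 100, and the sample text are constructed for illustration.

```python
import re

# Constructed stand-ins for the full list of 100 static prefixes.
PREFIXES = ["123456", "134679", "195739"]


def build_pattern(prefixes):
    """Compile one regex: any listed 6-digit prefix, a hyphen, exactly 5 digits."""
    cleaned = []
    for p in prefixes:
        p = p.strip()
        if not re.fullmatch(r"[0-9]{6}", p):
            raise ValueError(f"prefix is not 6 digits: {p!r}")
        cleaned.append(p)
    if not cleaned:
        raise ValueError("empty prefix list")
    alternation = "|".join(sorted(set(cleaned)))
    # Digit guards stop a hit inside a longer digit run, e.g. 9123456-22222.
    return re.compile(rf"(?<![0-9])(?:{alternation})-[0-9]{{5}}(?![0-9])")


def unique_matches(pattern, text):
    """Return the set of distinct numbers matched, so repeats count once."""
    return {m.group(0) for m in pattern.finditer(text)}


def is_incident(pattern, text, threshold):
    """True when the count of distinct matched numbers reaches the threshold."""
    return len(unique_matches(pattern, text)) >= threshold


# Constructed sample text: one number repeated, one unlisted prefix,
# one suffix that is too long, one prefix embedded in a longer number.
SAMPLE = """\
Order ref 123456-00001 shipped.
Duplicate line: 123456-00001 123456-00001
Other account 195739-54321, unlisted prefix 999999-11111,
too long 134679-123456, embedded 9123456-22222.
"""

if __name__ == "__main__":
    pat = build_pattern(PREFIXES)
    print(sorted(unique_matches(pat, SAMPLE)))
    print("incident at threshold 3:", is_incident(pat, SAMPLE, 3))
```

The sample contains four raw hits but only two distinct numbers, so a threshold of 3 on unique values does not fire even though a raw match count would.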