Data Loss Prevention

Hello,

I was able to find and code in RegEx the US DL# formats by state and also have a list of keywords. However I'm trying to build rules to effectively identify this material. The proximity option only works between keyword for example (DLN, driver license) and ("state abbreviations"). I would like to also work with the defined DI. Is there a way to do this?  Has anyone expanded their search for driver license numbers beyond the default states and can share some guidance, do's and don'ts, how to?

Thanks,

-Ben

Refer to this document attached below, Section 4 Chapter 13 "Authoring Policies".  It will have a library of US DL formats.  Hopefully you find what you are looking for.

I suggest using the DI that comes prebuilt with Symantec for US DL and pair it with Content Matches Keyword rule (i.e. "NY Driver License", "FL DL", etc.).  Also, it won't hurt to do your research on what the current number patterns are as some DI's in Symantec might be obsolete.  

But anything outside US or other countries' DL, I suggest using regex (I believe only a few country DL patterns are prebuilt as DI in Symantect).  

Attachment(s)

Symantec_DLP_12.5_Admin_Guide.pdf   14.41 MB 1 version

So driver's license has been a bit of a bear with DLP.  There are the predefined polices (data identifiers) for various states (IE Michigan, IL, etc.) but a lot of states are missing.  States that do not have the predefined data identifiers do not have an easily to use pattern behind them nad you need to create a unique Data Identifier.

DLP 12.5 allows for the creation of custom data idenifiers in the system.  The regular expression that is created can then be paired with keywords etc. to limit the false positives that are in the system.