Create Policies

Objective: Create DLP Policies Using Your Custom Data Classifications

Now that you’ve created your custom data identifiers (based on Skyhigh templates), it’s time to create DLP policies similar to those we created in the RegEx section.

Tasks

Access your DLP policies. From the Policy heading, select DLP Policies and then DLP Policies.
From the Action drop-down menu, select Create New Policy.
Provide a name for the DLP policy such as “Skyhigh - French SSN” (hint: you want the name to describe that it’s the Skyhigh policy clone for French SSNs so that we can find and use it later).
Leave the deployment type at API, do not select a Service Instance, and do not add a user filter.

Tip

Note that Lightning Link and Reverse Proxy deployment types are for real-time enforcement of DLP policies when data is in motion to or from a sanctioned cloud service (as you would define by clicking the Select Service Instances button). This is out of scope for this lab, but ask your instructor for more information if you would like to see these in action.

Click Next to continue.

Set Rules for Your DLP Policy

In the first IF statement, select Classification.
In the side panel, under the custom category, select the classification you created for French Social Security Numbers.
Click Done to return to the policy rules.
Click the THEN button directly under your first rule.
Assign the Incident Severity to Major.
Click Next to continue to the DLP Responses.

Review Available Policy Responses

At the bottom of your policy, click the THEN button.
Review the list of available responses but do not select any of them.
After reviewing the list, click Cancel then Next.

Review Your French SSN DLP Policy

Verify that your DLP policy does what you intend and click Save.

Repeat the Steps Above to Create DLP Policies for Credit Card Numbers and UK Driver’s License Number Classification

Don’t forget to use the cloned/edited Skyhigh templates you created in the previous section.