Create the DLP Policy

Objective: Create a DLP Policy Using Your New Classification and Fingerprints

You will notice the workflow for creating this DLP policy is almost identical to previous policies we have created. Since you’re becoming a pro at this, we’ve omitted screenshots this time around.

Tasks

Tip

Perform the steps below from the Skyhigh Dashboard tab in your browser (not in the remote desktop / Guacamole session)

Create a DLP Policy

  1. From the Skyhigh Dashboard main heading, select Policy > DLP Policies > DLP Policies.
  2. From the Actions dropdown menu, select Create New Policy.
  3. Give your new DLP policy a name, such as Confidential Account Policy.
  4. Set the Deployment Type to API.
  5. Click Select Service Instances and select your S3 account you configured earlier (there should be only one).
  6. Click Done in the select services slide-out panel.
  7. Leave the Users setting at Include All Users.
  8. Click Next.

Configure DLP Policy Rules

  1. Under Rule Group 1, select Classification next to the first If statement.
  2. Select the classification you recently created that uses EDM. It will be found under the unassigned heading in the slide-out panel unless you assigned it to another category earlier.
  3. Click Done in the slide-out panel.
  4. Click the THEN box under your first If statement, and select the Critical severity.
  5. Click Next.
  6. Click Next on the responses screen. Note: This area can be used to automatically remediate (delete, quarantine, revoke permissions, etc) violations.
  7. At the review screen, click Save.