Only administrators with DLP privileges are able to create, modify, and delete DLP rules.
To create and edit DLP rules, follow the steps below:
- Access FileCloud's Admin portal > Governance > Smart DLP
- To add or create a new rule, click Add DLP Rule.
The Create DLP Rule dialog box opens:
- Fill in the fields.
- Rule Name: A name that identifies the DLP rule.
- Affected User Actions: User actions that trigger the DLP rule (DOWNLOAD, SHARE, or LOGIN).
- Rule Expression: Criteria for triggering the DLP rule. A minimum of one expression is required in order to create a DLP rule. See a list of Rule Expressions.
- DLP Action: Allow or Deny the user action if the parameters of the rule expression are triggered.
- DLP Mode: If a rule is violated, whether or not the action will be prevented. Regardless of the mode, the system creates an audit log.
- Enforce - (Default) The action will be prevented.
- Permissive - The action will not be prevented.
- Rule Notification: Message displayed to users when a rule is violated. Does not apply to log-in rules.
The following HTML tags are supported: <a>, <br>, and <p>. Only full urls (those beginning with http:// or https://) can be rendered.
- Click Create.
The rule appears in the DLP Rules table.
If the Rule Expression is not valid, an error will be thrown.
DLP crawlers run on all daily cron jobs and remove shares that violate any SHARE ENFORCE rules.