Go to the table of contents Go to the previous page You are at the end of the document View or print as PDF
Discovery policies
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
The predefined discovery policies are categorized as follows:
*
*
*
*
*
*
*
*
*
*
*
Acceptable Use
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
*
Policy for detection of indecent images using image analysis.This may cause false positives. The rule for this policy is:
*
*
Policy for detection of offensive or inappropriate terms (non-editable). The rules for this policy are:
*
*
*
Company Confidential and Intellectual Property
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
*
Policy for detecting bids, proposals, and tenders, such as responses to request for proposal (RFP) and invitation for bids (IFB) documents.
*
*
*
*
Policy for detection of Call Detail Record (CDR) files. The rules for this policy are:
*
*
*
Policy for the detection of database files. The rules for this policy are:
*
*
*
Database File: dBase File
*
Database File: Filemaker File
*
Database File: Lotus Notes NSF File
*
Database File: Microsoft Access File
*
*
*
Database File: Microsoft Works for DOS File
*
Database File: Microsoft Works for Mac File
*
Database File: Microsoft Works for Windows File
*
Database File: MORE File
*
*
Database File: Paradox File
*
*
*
*
Policy for detection of digitally signed PDF files. The rule for this policy is:
*
*
Policy for detection of files that contain macros.
*
*
*
*
*
Policy for detection of files containing general, personal, and investment financial information.The rules for this policy are:
*
*
*
*
Policy for detection of source code for various hardware languages: SPICE and its flavors, VHDL and Verilog. This policy is comprised of several rules for each language, each covering a different aspect of the detected texts.
The rules for this policy are:
*
*
*
*
*
Policy for detection of serial (IMEI) numbers of cell phones. The International Mobile Equipment Identity (IMEI) is a number unique to every GSM and UMTS and iDEN mobile phone as well as some satellite phones. It is usually found printed on the phone underneath the battery.
The rules for this policy are:
*
*
Policy for detection of location coordinates. The rules for this policy are:
*
*
*
Policy for detection of movie and TV script files.
The rule for this policy is:
*
*
Policy for detection of network security documents and network diagrams. This policy detects Network diagrams by searching for IP addresses, MAC addresses and various terms common to such documents. In order to achieve complete coverage, first 2 rules and one of the MAC address rules must be selected.
The rules for this policy are:
*
*
*
*
Policy for detection of patents and patent applications
The rule for this policy is:
*
*
Detect leakage of sensitive data in the Oil and Gas industry and, in particular, information pertaining to oil prospecting and drilling.
The rules for this policy are:
*
*
*
*
*
*
Policy for detection of security software files.
The rule for this policy is:
*
*
Policy for detection of software design documents.
The rule for this policy is:
*
*
Policy for detection of computer source code. The rules for this policy are:
*
*
*
*
*
Policy for detection of documents of prime strategic value, such as business and marketing plans. The rule for this policy is:
*
*
Policy to identify Microsoft license keys. This helps mitigate software piracy and unauthorized usage of corporate assets. The rule for this policy is:
*
Employee Discontent
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
*
Policy for detection of documents comprising resumes and CVs in English. The rule for this policy is:
*
*
Policy for detection of documents comprising resumes and CVs in French. The rules for this policy are:
*
*
*
*
Policy for detection of documents comprising resumes and CVs in German. The rules for this policy are:
*
*
*
*
Policy for detection of documents comprising resumes and CVs in Spanish. The rules for this policy are:
*
*
*
*
Policy for detection of documents comprising resumes and CVs in Hebrew and English. The rule for this policy is:
*
*
Policy for detection of documents comprising resumes and CVs in Russian, Ukrainian, and English. The rule for this policy is:
*
*
Policy for detection of documents comprising resumes and CVs in Ukrainian, Russian, and English. The rule for this policy is:
*
Financial Information
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
*
Policy for detection of 401(k) and 403(b) form that contain private information of employees. The rules for this policy are:
*
*
*
Policy for detection of Information suspected to be related to mergers and acquisitions. The rule for this policy is:
*
*
Policy for detection of Austrian financial information.
*
*
*
Policy for detection of Belgian financial information.
*
*
*
*
*
*
Policy for detection of Bulgarian financial information.
*
*
*
Policy for detection of Croatian financial information. The rules for this policy are:
*
*
*
Policy for detection of Cypriot financial information. The rules for this policy are:
*
*
*
Policy for detection of Czech financial information. The rules for this policy are:
*
*
*
Policy for detection of Danish financial information. This may cause false positives. The rule for this policy is:
*
*
Policy for detection of Estonian financial information. The rules for this policy are:
*
*
*
Policy for detection of files containing general, personal, and investment financial information. The rules for this policy are:
*
*
*
*
Policy for detection of Finnish financial information. This may cause false positives. The rule for this policy is:
*
*
Policy for detection of French financial information. This may cause false positives. The rule for this policy is:
*
*
Policy for detection of German financial information. This may cause false positives. The rule for this policy is:
*
*
Policy for detection of Greek financial information. This may cause false positives. The rule for this policy is:
*
*
Policy for detection of Hungarian financial information. The rules for this policy are:
*
*
*
Policy for detection of Icelandic financial information.This may cause false positives. The rule for this policy is:
*
*
Policy for detection of Irish financial information. This may cause false positives. The rules for this policy are:
*
*
*
Policy for detection of International Securities Identification Number (ISIN), which uniquely identifies a security. The ISIN code is a 12-character alphanumerical code that serves as uniform identification of a security at trading and settlement. This may cause false positives. The rules for this policy are:
*
*
*
Policy for detection of Italian financial information. This may cause false positives. The rule for this policy is:
*
*
Policy for detection of Kazakh financial information. The rules of this policy are:
*
*
*
Policy for detection of Latvian financial information. The rules for this policy are:
*
*
*
Policy for detection of Lithuanian financial information. The rules for this policy are:
*
*
*
Policy for detection of Luxembourgian financial information. The rules for this policy are:
*
*
*
Policy for detection of Maltese financial information. The rules for this policy are:
*
*
*
Policy for detection of Mexican financial information. The rules for this policy are:
*
*
*
Policy for detection of Dutch financial information. This may cause false positives. The rule for this policy is:
*
*
Policy for detection of Norwegian financial information. This may cause false positives. The rule for this policy is:
*
*
Policy for detection of PRC financial information. The rules for this policy are:
*
*
*
*
*
*
*
Policy for detection of Polish financial information. This may cause false positives. The rule for this policy is:
*
*
Policy for detection of Portuguese financial information. The rules for this policy are:
*
*
*
Policy for detection of files containing pricing information and pricelists.
The rules for this policy are:
*
*
*
Policy for detection of Qatari financial information. The rules for this policy are:
*
*
*
Policy for detection of Romanian financial information. The rules for this policy are:
*
*
*
Policy for detection of Routing Transit Numbers (RTN), also known as American Bankers Association (ABA) numbers. RTN numbers are nine digit bank codes, used in the United States to identify, for example, which financial institution checks and banknotes are drawn upon.This may cause false positives. The rules for this policy are:
*
*
*
Policy for detection of Saudi Arabia financial information. The rule for this policy is:
*
*
Policy for detection of Slovak financial information. The rules for this policy are:
*
*
*
Policy for detection of Slovenian financial information. The rules for this policy are:
*
*
*
Policy for detection of Spanish financial information. This may cause false positives. The rule for this policy is:
*
*
Policy for detection of Swedish financial information. This may cause false positives. The rule for this policy is:
*
*
Policy for detection of Swiss financial information. This may cause false positives. The rule for this policy is:
*
*
Policy for detection of Turkish financial information. This may cause false positives. The rules for this policy are:
*
*
*
Policy for detection of UK financial information. This may cause false positives. The rule for this policy is:
*
*
Policy for detection of Emirati financial information. The rules for this policy are:
*
*
*
Policy for the detection of IRS Tax Forms; for example, Form W-2, Form W-4, and Form 1040. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
EU General Data Protection Regulation (GDPR)
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
The description and list of rules for each policy in this category can be found in other sections of this document.
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Indicators of Compromise
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
*
Policy for detecting records of SQL table data extracted from a database. The rules for this policy are:
*
*
*
*
Policy for detecting private keys or file formats that contain them. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
Policy for detecting .REG files (Windows Registry files). The rule for this policy is:
*
*
Policy for the detection of a suspected malicious content dissemination such as: encrypted or manipulated information, passwords files, credit card tracks, suspected applications and dubious content such as information about the network, software license keys, and database files. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
Policy for detection of data concealment applications. The rule for this policy is:
*
Payment Card Information (PCI)
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
*
A permissive policy for detecting potential credit-card-numbers. The policy contains several rules to address corner cases, such as numbers that appear as part of a long sequence, with user-defined delimiters etc. Most of the rules in the policy may cause high rate of false positives and are not recommended for usage in production mode. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
The Payment Card Industry Data Security Standard (PCI DSS) is an industry standard, accepted internationally by all major credit card issuers. The standard is enforced on companies and organization that accept credit card payments or process, store, or transmit cardholder data. The standard mandates, among others, that credit card numbers and cardholder data should be highly secured and that transactions comprising data should be encrypted. The rules for this policy are:
*
*
*
*
Protected Health Information (PHI)
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
*
Policy for detection of protected health information for Australian citizens. The rules for this policy are:
*
*
*
*
*
Policy for detection of data types pertaining to medical conditions, drugs etc
The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Policy for detection of protected health information for Israeli citizens, to promote compliance with Israeli privacy rules and Israeli patients rights law of 1996. The rules for this policy are:
*
*
*
*
*
*
*
Policy for detection of protected health information for Italy citizens. The rules for this policy are:
*
*
*
*
*
Policy for detection of protected health information for Norwegian citizens. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
A policy for discovery of protected health information (PHI) of Swedish citizens and residents. The policy comprises rules for detection of Health information and Medical Conditions (in Swedish or English), in proximity to personally identifiable information such as personal number (personnummer), or name. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Policy for detection of UK NHS numbers.The rules for this policy are:
*
*
*
*
*
A policy for detection of protected health information of US citizens. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Personally Identifiable Information (PII)
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
*
Policy to detect files containing personally identifiable information for residents of Australia. The rules for this policy are:
*
*
*
*
*
*
*
*
*
Policy for detection of Austrian private information. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
Policy for detection of Belgian private information. The rules for this policy are:
*
*
*
*
*
*
*
*
*
Policy for detection of biometric files. The rules for this policy are:
*
*
*
*
*
*
Policy for detection of combinations of Brazilian PII like Brazilian full names, CPF numbers, and health conditions. The rules for this policy are:
*
*
*
*
*
*
*
*
*
Policy for detection of Bulgarian private information. The rules for this policy are:
*
*
*
Policy for detection of Canadian private information. The rules for this policy are:
*
*
*
*
*
*
*
*
The 'California Consumer Privacy Act of 2018' (CCPA) protects the personal information collected by businesses. Businesses in violation of the act shall be liable for a civil penalty. The policy detects personally identifiable information (PII), such as social security numbers, and credit card numbers. The policy also covers previous Californian privacy regulations, such as California SB 1386 of 2003, California AB 1950 of 2004 and AB-1298 of 2017.
The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Policy for detection of Chilean private information. The rules for this policy are:
*
*
*
*
*
Policy for detection of Colombian private information. The rules for this policy are:
*
*
*
*
*
Policy for detection of Costa Rican private information. The rules for the policy are:
*
*
*
*
*
*
*
Policy for detection of credit card numbers. The rules for this policy are:
*
*
*
*
*
Policy for detection of Unique Master Citizen Numbers and Personal identification numbers. The rules for this policy are:
*
*
*
*
*
Policy for detection of Cypriot private information. The rules for this policy are:
*
*
*
Policy for detection of Czech Republic private information. The rules for this policy are:
*
*
*
*
*
Policy for detection of Danish personally identifiable information. The rule for this policy is:
*
*
*
*
Policy for detection of Employer Identification Numbers (EIN). This may cause false positives. The rule for this policy is:
*
*
Policy for detection of files containing a large number of email addresses. The rules for this policy are:
*
*
*
Policy for detection of Estonian private information. The rules for this policy are:
*
*
*
Policy for detection of Finnish personally identifiable information. The rule for this policy is:
*
*
*
*
Policy for detection of French personally identifiable information. The rule for this policy is:
*
*
*
*
*
*
*
*
Policy for detection of sensitive private information, whose loss may damage the privacy or the reputation of the pertained person or expose the person to potential fraud. The policy comprises rules for detection of various kinds of sensitive private information, such as protected health information, account numbers and passwords. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Policy to detect private and sensitive information in German, for German-speaking countries. The rules for this policy are:
*
*
*
*
*
*
*
Policy for detection of Greek personally identifiable information. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
Policy to detect files containing personally identifiable information for residents of Hong Kong. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Policy for detection of Hungarian private information. The rules for this policy are:
*
*
*
*
*
*
*
Policy for detection of Icelandic personally identifiable information. The rule for this policy is:
*
*
Policy for detection of Indian personally identifiable information. The rules for this policy are:
*
*
*
*
*
Policy for detection of Indonesian private information. The rules for this policy are:
*
*
*
*
*
Policy for detection of Irish personally identifiable information. The rules for this policy are:
*
*
*
*
*
*
Policy to identify files containing Israeli confidential and private information. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
Policy to detect private and sensitive information in Italy, including health information. The rules for this policy are:
*
*
*
*
*
*
Policy to detect private and sensitive information in Japan. The rules for this policy are:
*
*
*
*
*
*
Policy for detection of Kazakh private information. The rules for this policy are:
*
*
*
*
*
*
*
Policy for detection of Latvian private information. The rules for this policy are:
*
*
*
Policy for detection of Lithuanian private information. The rules for this policy are:
*
*
*
Policy for detection of Luxembourgian private information. The rules for this policy are:
*
*
*
*
*
Policy to detect files containing personally identifiable information for residents of Macau. The rules for this policy are:
*
*
*
*
*
*
Policy for detection of Unique Master Citizen Numbers. The rules for this policy are:
*
*
*
Policy to detect files containing personally identifiable information for residents of Malaysia. The rule for this policy is:
*
*
Policy for detection of Maltese private information. The rules for this policy are:
*
*
*
Policy for detection of Mexican Personal Information. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
Policy for detection of Unique Master Citizen Numbers. The rules for this policy are:
*
*
*
Policy to detect private and sensitive information in Dutch, for Dutch-speaking countries. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Policy to detect files containing personally identifiable information for residents of New Zealand. The rule for this policy is:
*
*
*
*
Policy to detect private and sensitive information in Norway, including health information. The rules for this policy are:
*
*
*
*
*
Policy for detection of People's Republic of China private information. The rules for this policy are:
*
*
*
*
*
*
*
Policy for detection of Peruvian private information. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
Policy for detection of Philippines private information. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Policy for detection of personal information for residents of Poland. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
Policy for detection of Portuguese private information. The rules for this policy are:
*
*
*
*
*
*
*
*
*
Policy for detection of Romanian private information. The rule for this policy is:
*
*
Policy for detection of Russian personally identifiable information. The rules for this policy are:
*
*
*
*
*
Policy for detection of Unique Master Citizen Numbers. The rules for this policy are:
*
*
*
Policy to detect files containing personally identifiable information for residents of Singapore. The rules for this policy are:
*
*
*
*
Policy for detection of Slovak private information. The rules for this policy are:
*
*
*
*
*
Policy for detection of Unique Master Citizen Numbers. The rules for this policy are:
*
*
*
Policy for detection of validated social security numbers policy. The rules for this policy are:
*
*
*
*
*
Policy for detection of personal information of South African citizens. The rules for this policy are:
*
*
*
*
*
Policy to detect files containing personally identifiable information for residents of South Korea. The rules for this policy are:
*
*
*
*
*
Policy for private and sensitive information in Spanish. The policy contains rules to detect combinations of Spain National Identity Document and sensitive private information like account number, ethnicity and health conditions. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Policy for detection of Swedish personally identifiable information. The rules for this policy are:
*
*
*
*
Policy for detection of Swiss personally identifiable information. The rules for this policy are:
*
*
*
*
Policy to detect files containing personally identifiable information for residents of Taiwan. The rules for this policy are:
*
*
*
*
*
*
*
*
*
Policy for detection of Thai personally identifiable information. The rule for this policy is:
*
*
*
*
Policy for detection of personal information of Turkish citizens. The rules for this policy are:
*
*
*
*
*
*
*
*
*
Policy for detection of personal information of UK citizens. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Policy to detect personally identifiable information (PII) for residents of the United States. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Policy for detection of Vietnamese private information. The rules for this policy are:
*
*
*
*
Regulations
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
*
The 'California Consumer Privacy Act of 2018' protects personal information collected by businesses. Businesses in violation of the act are liable for civil penalties. The policy detects personally identifiable information (PII), such as social security numbers, credit card numbers, and passwords. The policy also covers previous Californian privacy regulations, such as California SB 1386 of 2003, California AB 1950 of 2004, and AB-1298 of 2017. The rules of the policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Policy to promote compliance with the requirements imposed by the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Council (NERC) to protects Critical Energy Infrastructure Information (CEII). The policy detects sensitive Energy Infrastructure Information, such as natural gas pipeline flow diagrams, various drawing and schemes files and FERC forms 567 and 715. The rules for this policy are:
*
*
*
*
*
The Sarbanes-Oxley Act (SOX) mandates public companies to comply with its requirements. This act provides strict guidelines for ensuring corporate governance and control policies for information within publicly traded companies. This policy promotes compliance with the data protection aspects of SOX by detecting audit terms and SEC 10-K and 10-Q reports. The rules for this policy are:
*
*
*
*
A policy to promote compliance with the Swedish Patient Data Act (Patientdatalag , SFS 2008:355) that mandates protection of protected health information (PHI) and Personally Identifiable Information (PII) of Swedish citizens and residents . The policy comprises rules for discovery of health information or medical conditions (in Swedish or English), in proximity to personally identifiable information such as personnummer or name, and for detection of SPSS files and Database files. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
International Traffic in Arms Regulations (ITAR) is a set of United States government regulations that control the export and import of defense-related articles and services. The policy detects information about sensitive technologies being disseminated, as well as source code and confidential documents. For source code in the SPICE and VHDL languages, please select all relevant rules to achieve complete coverage. The rules for this policy are:
*
*
*
*
*
Suspicious User Activity
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
*
Policy for the detection of database files. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
*
*
Policy for detecting deep web URLs that appear in analyzed content such as textual documents or email messages and end with the pseudo-top-level domains .onion and .i2p. The deep web is a portion of World Wide Web content that is not indexed by standard search engines and that is intentionally hidden from the regular Internet, accessible only with special software, such as Tor. Such URLs are used for anonymous defamation, unauthorized leaks of sensitive information and copyright infringement, distribution of illegal sexual content, selling controlled substances, money laundering, bank fraud, credit card fraud and identity theft, among other things. The rules for this policy are:
*
*
*
File-type classifiers
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
This section contains the full list of file-type classifiers provided by Forcepoint. You can also create new classifiers. For information, see Adding a file-type classifier.
 
Script classifiers
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
This section contains the full list of predefined script classifiers. Edit the classifiers as needed. For information, see Editing a predefined script.
 
If more than 3 valid ABNs are found, the classifier determines the percentage of valid ABNs to 11-digit numbers.
For example: ABN: 12345678900
Dictionaries
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
This section contains the full list of industry-related dictionaries provided by Forcepoint. You can also create new classifiers. For information, see Adding a dictionary classifier.
 
Pattern classifiers
Predefined Policies and Classifiers | Forcepoint DLP | 8.8
This list the predefined pattern classifiers. Administrators can also create new classifiers. For information, see Adding or editing a regular expression classifier.
 
Looks for 6- to 10-digit numbers. For example: 1234567
©2020 Forcepoint. Forcepoint and the FORCEPOINT logo are trademarks of Forcepoint. Raytheon is a registered trademark of Raytheon Company. All other trademarks used in this document are the property of their respective owners.

Go to the table of contents Go to the previous page You are at the end of the document View or print as PDF
Copyright 2020 Forcepoint. All rights reserved.