Overview of AI-powered DLP

The Data Loss Prevention (DLP) feature provides advanced controls to safeguard sensitive data, particularly in healthcare and other industries that handle it.

Today, you can detect and act on a wide variety of data:

  • Personally Identifiable Information (PII)
  • Personal Health Information (PHI)
  • Cardholder Information (PCI)

You can configure DLP rules to apply to specific applications (like LLM apps) or to other entities.

Customizing the Analysis Type

Within each rule, administrators can specify how to conduct analysis:

  1. Text Analysis: Target basic text / form inputs
  2. Upload Analysis: Target file uploads
  3. Text & Uploads: Target both text inputs and file uploads

This allows admins to tailor the analysis according to the specific nature of the data flow within their organization.

Additional Settings

DLP configuration comes with various additional settings to enhance security and flexibility:

  1. Generate alerts upon positive analysis: When enabled, the system will generate an alert whenever a particular sensitive data type (PHI, PII, PCI, etc.) is detected in any entity monitored by the rule. This can be useful for audit and compliance purposes.
  2. Analyze on all uploads: This setting enables the system to scan all uploads for sensitive data types, even if they do not fall under the selected domains or categories. It is an aggressive safeguard, ensuring no sensitive data is missed.
  3. Action upon detection: Administrators can configure what happens when a sensitive data type is detected. Actions may include:
    1. Block: Completely block the request where sensitive data was included.
    2. Warn: Notify the user of potential risks and allow them to decide whether to proceed.

Exclusions

To accommodate specific business needs or regulatory requirements, our DLP feature allows administrators to create exclusions. Exclusions can be applied to particular domains, categories, or IP ranges in CIDR notation (both IPv4 and IPv6), and they apply to all DLP analysis types.

For example, an internal domain (internal.company.com) can be excluded from DLP rules to allow for operational freedom while maintaining security for external domains.

Create/Modify Exceptions

  1. Navigate to the Data Loss Prevention module.
  2. Click edit exclusions.
  3. Alias the exclusion for future reference.
  4. Add the domain, category, or IP range you wish to exclude from the DLP rules.
  5. Click the add button.
  6. Save your changes.

By configuring these exceptions, organizations can ensure that critical workflows are not hindered by overly strict security measures.
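
Because an exclusion removes traffic from every DLP analysis type, it is worth reviewing an exclusion list before saving it. The following is an added example, not part of the product: it flags malformed CIDR values, overly broad ranges, wildcard domains, and entries already covered by a wider one. The `(alias, kind, value)` entry shape, the `audit_exclusions` name, and the prefix thresholds are assumptions made for illustration.

```python
import ipaddress

# Assumed review thresholds, not product defaults: shorter prefixes get flagged.
MIN_PREFIX = {4: 16, 6: 48}

def audit_exclusions(entries):
    """entries: (alias, kind, value) tuples, kind in {"domain", "category", "cidr"}.
    Returns {alias: [finding, ...]} containing only the entries that need review."""
    findings, nets = {}, []
    for alias, kind, value in entries:
        notes = findings.setdefault(alias, [])
        if kind == "cidr":
            try:
                # strict=True rejects values with host bits set, e.g. 10.20.0.1/16
                net = ipaddress.ip_network(value, strict=True)
            except ValueError:
                notes.append("not a valid CIDR network")
                continue
            if net.prefixlen < MIN_PREFIX[net.version]:
                notes.append(f"broad range /{net.prefixlen}")
            nets.append((alias, net))
        elif kind == "domain":
            labels = value.strip(".").split(".")
            if "*" in value or len(labels) < 2:
                notes.append("wildcard or single-label domain")
        # Categories are product-defined names and are not checked here.
    # An entry fully inside another one is redundant and hides how wide the
    # effective exclusion really is.
    for alias, net in nets:
        for other_alias, other in nets:
            if (alias != other_alias and net.version == other.version
                    and net.subnet_of(other)):
                findings[alias].append(f"already covered by {other_alias}")
    return {a: n for a, n in findings.items() if n}

# Constructed sample list; aliases and values are illustrative only.
SAMPLE = [
    ("intranet", "domain", "internal.company.com"),
    ("office-v4", "cidr", "10.20.0.0/16"),
    ("lab", "cidr", "10.20.30.0/24"),
    ("office-v6", "cidr", "2001:db8:1234::/48"),
    ("temp-bypass", "cidr", "0.0.0.0/0"),
    ("typo", "cidr", "10.20.0.1/16"),
    ("all-com", "domain", "*.com"),
]

if __name__ == "__main__":
    for alias, notes in audit_exclusions(SAMPLE).items():
        print(alias, "->", "; ".join(notes))
```

In the sample, `temp-bypass` excludes all IPv4 traffic and silently covers the narrower `office-v4` and `lab` entries, which is the kind of leftover entry that defeats the rule set.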