Data Security Policy

Introduction

A Data Security Policy defines which DLP data patterns monitor which types of files under which SaaS applications, and which activities trigger an alert. It also defines what action is taken to mitigate a data security alert once it is triggered.

In 2024, a major enhancement introduced a Large Language Model framework with AI capability to accurately trigger DLP alerts that match the Data Security policy. False positives and false negatives are minimized, and text that can potentially match multiple data types is classified better.

Data Security Policy can be created in Data Protection > Policies > Data Policies.

File types Supported by Data Security Policy

These are the file types supported by Data Security Policy:

| Compressed/Uncompressed | File Types |
| --- | --- |
| Uncompressed | Microsoft Word Document (.doc, .docx) |
| | Microsoft PowerPoint Document (.ppt, .pptx) |
| | Microsoft Excel Document (.xls, .xlsx) |
| | Text File (.txt, .rtf, .js) |
| | Portable Document Format (.pdf) |
| Compressed | .zip |
| | .tar |
| | .7z |
| | .gz |
| | .exe |

The FortiCASB DLP scan extracts and scans compressed files with no limit on the number of nested compression levels.

For example, a file that has been zipped multiple times inside a zip file is still DLP scanned.
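
To validate the nested-archive behavior described above against a policy, the following added example (not from Fortinet's documentation and not FortiCASB's implementation) builds zip fixtures nested to several levels around a constructed test value and checks locally that the value is reachable at each depth. The card-like regex, file names and function names are assumptions made for illustration.

```python
import io
import re
import zipfile

# Constructed test value: a widely published card-network test number, not real data.
TEST_PAYLOAD = b"Customer card on file: 4111 1111 1111 1111\n"
# Hypothetical stand-in for a DLP data pattern (not a FortiCASB pattern definition).
CARD_PATTERN = re.compile(rb"\b(?:\d[ -]?){15}\d\b")


def build_nested_zip(payload: bytes, depth: int, inner_name: str = "notes.txt") -> bytes:
    """Wrap payload in `depth` layers of zip and return the outermost archive bytes."""
    data, name = payload, inner_name
    for level in range(depth):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
            zf.writestr(name, data)
        data, name = buf.getvalue(), f"layer{level + 1}.zip"
    return data


def scan_nested(data: bytes, path: str = "fixture.zip", depth: int = 1):
    """Yield (member path, nesting depth) for each file that matches CARD_PATTERN."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            member = zf.read(info)
            member_path = f"{path}/{info.filename}"
            if zipfile.is_zipfile(io.BytesIO(member)):
                # Nested archive: descend one more level.
                yield from scan_nested(member, member_path, depth + 1)
            elif CARD_PATTERN.search(member):
                yield member_path, depth


def make_fixtures(depths=(1, 3, 5)):
    """Return {depth: archive bytes} for upload to a monitored test folder."""
    return {d: build_nested_zip(TEST_PAYLOAD, d) for d in depths}


if __name__ == "__main__":
    for d, blob in make_fixtures().items():
        hits = list(scan_nested(blob))
        print(f"depth={d} size={len(blob)}B local_hits={hits}")
```

Uploading each fixture to a monitored test location and comparing the resulting alerts with the local hits shows whether the policy fires at every nesting depth.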

Predefined Data Protection Policy

The Default FortiCASB Scan-All Data Protection Policy is the predefined data security policy in which all files under all onboarded SaaS accounts are monitored for all types of file activities using the 34 FortiCASB basic predefined data patterns. For the full list of basic predefined data patterns, see Basic Predefined Data Patterns.

To use all 147 predefined data patterns and customized data patterns, create a Customized Data Protection policy that incorporates the other predefined and customized data patterns.

Customized Data Protection Policy

A Customized Data Protection policy can be created through +Add New.

Important: When a customized data protection policy is enabled, the Default FortiCASB Scan-All Data Protection Policy needs to be disabled to avoid two conflicting policies.

Data Security Policy Best Practice

  1. Create a customized data protection policy for the specific files you are monitoring. This practice avoids conducting DLP scans on files that are not intended to be monitored.
  2. When choosing DLP Patterns, choose only the DLP patterns that need to be protected and monitored. This practice avoids conducting unnecessary DLP scans over time.
  3. Always turn on the Email Notification and Notify File Owners features to send alerts to relevant personnel and expedite the mitigation process.
  4. Take advantage of the Send Alert to FortiAnalyzer feature if FortiCASB is one of the security fabrics in your organization.
