
Data Security Policy Match Criteria


Data security policies offer eight match criteria that can be customized when a Customized Data Security policy is created.

Files Created After

File Types

Access Permissions

File Activity Triggers

Microsoft Entra ID Group

Files Shared With Users/Domains NOT In Trust List (Google Workspace files only)

Label Triggers

SaaS Applications

Data Patterns

Files Created After

Sets the time frame of the files being targeted: only files on the SaaS application created after the designated day are targeted for data scan.

File Types

File type selection has two parts. The first part covers the text and compressed file types supported by Data Security policy.

The text and compressed file types supported are doc, ppt, pptx, xls, xlsx, txt, rtf, js, pdf, zip, tar, 7z, gz, exe.

The second part covers the image file types supported for OCR (Optical Character Recognition) scan. The MIME image file types supported are jpg, jpeg, png, tif, and tiff. The toggle switch must be turned On to activate OCR Scan.

Access Permissions

The access permission option can be customized to target specific share permissions of the files.

The supported file sharing types are Private Access, Public Editable, Group Editable, Group Readable, and Public Readable.

File Activity Triggers

The File Activity Triggers target specific file activities conducted on the file. Supported file activities are Create File, Modify File, Access File, and Share File. File Activity Triggers have a configurable threshold that can be adjusted based on the number of times the activity is detected in a specified time frame.
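
The threshold behaviour described above can be reasoned about with a small model, added here as an illustration and not taken from Fortinet's product or documentation. It assumes counts are kept per file over a trailing time window and that a burst raises a single alert; the function name, event format and sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Activity names as listed on this page.
ACTIVITIES = {"Create File", "Modify File", "Access File", "Share File"}

def threshold_alerts(events, activity, threshold, window):
    """Return (file, user, time) for each event that brings the count of
    `activity` events on a file to `threshold` or more inside `window`.

    Assumptions, not product behaviour: counts are kept per file, the
    window is a trailing (sliding) one, and a burst alerts once, re-arming
    when the count falls back below the threshold.
    """
    if activity not in ACTIVITIES:
        raise ValueError(f"unsupported activity: {activity}")
    recent = defaultdict(deque)        # file -> timestamps still in window
    armed = defaultdict(lambda: True)  # file -> may this file alert again?
    alerts = []
    for ts, user, file_id, act in sorted(events):
        if act != activity:
            continue
        q = recent[file_id]
        q.append(ts)
        while ts - q[0] > window:      # drop events older than the window
            q.popleft()
        if len(q) < threshold:
            armed[file_id] = True
        elif armed[file_id]:
            alerts.append((file_id, user, ts))
            armed[file_id] = False
    return alerts

def at_minute(m):
    return datetime(2024, 1, 1, 9, 0) + timedelta(minutes=m)

# Constructed sample events: (time, user, file, activity).
SAMPLE_EVENTS = [
    (at_minute(0), "alice", "payroll.xlsx", "Share File"),
    (at_minute(1), "bob", "notes.txt", "Share File"),
    (at_minute(2), "alice", "payroll.xlsx", "Share File"),
    (at_minute(3), "alice", "payroll.xlsx", "Access File"),
    (at_minute(4), "alice", "payroll.xlsx", "Share File"),  # third share
    (at_minute(5), "alice", "payroll.xlsx", "Share File"),  # same burst
    (at_minute(30), "bob", "notes.txt", "Share File"),
    (at_minute(55), "bob", "notes.txt", "Share File"),
]
```

Running the sample with different thresholds and windows shows the tuning trade-off: a low threshold with a long window alerts on routine sharing, while a high threshold with a short window misses slow, spread-out activity.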

Microsoft Entra ID Group

When a Microsoft Entra ID Group is selected, only the users of the group will be scanned by Data Security Policy and trigger alerts. If no group is selected, all users will be scanned by the Data Security Policy and trigger alerts.

Files Shared With Users/Domains NOT In Trust List (Google Workspace files only)

The users and domains selected from the User Trust List and Domain Trust List will be monitored for files shared between the trusted users and external users. An alert will be triggered when a file is shared by a trusted user/domain with an external user.

For example, when a trusted user named John Meyer shares a file with Mike Taylor, who is not part of the Trust List, an alert will be triggered.

User Trust List and Domain Trust List can be configured in Overview > Trusted List.

SaaS Applications

In the SaaS Applications option, only onboarded SaaS applications appear. Select only the SaaS applications that will be targeted for DLP data scan.

Note: SAP IAS is not supported in Data Security policy.

Data Patterns

The DLP Patterns selection determines which data patterns will be used in the Data Security Policy. Both Predefined Data Patterns and Customized Data Patterns can be selected as match criteria.

For more details on supported DLP patterns, please see Predefined Data Pattern and Customized Data Pattern.
