Predefined Content Identifier Policies
Cyberhaven provides a comprehensive library of predefined Content Identifier Policies designed to detect sensitive data types commonly found in organizations worldwide. These policies are built using the Nucleuz Classification Engine and cover a wide range of regulatory requirements, regional data protection laws, and industry-specific data types.
Overview
On the Content Identification Policies tab, you can:
- View all predefined and custom policies
- Create new custom policies
- Delete custom policies
- Enable/Disable the predefined and custom policies
Note
Predefined policies cannot be deleted.
Policies that are currently applied in a dataset cannot be deleted.
Predefined Policy Library
Cyberhaven includes 257 predefined policy templates that cover sensitive data detection for various countries, regions, and regulatory frameworks. These policies are organized into several categories to help you quickly identify and deploy the appropriate detection rules for your organization's needs.
Policy Categories
The predefined policies are organized into the following high-level categories:
Regulatory and Compliance Policies
- Anti-Money Laundering (AML): Detects potential signs and symptoms of money laundering
- GDPR Compliance: European General Data Protection Regulation requirements
- HIPAA: Healthcare data protection for US organizations
- PCI DSS: Payment card industry data security standards
- SOX: Sarbanes-Oxley Act compliance requirements
Country-Specific Data Protection
The library includes comprehensive coverage for personal data protection laws across major regions:
- North America: United States, Canada
- Europe: Individual policies for EU member states including Germany, France, Italy, Spain, Netherlands, and others
- Asia-Pacific: Australia, China, Japan, South Korea, India, Singapore
- Latin America: Brazil, Argentina, Chile, Colombia, Mexico
- Other Regions: Additional coverage for various countries worldwide
Financial and Banking Data
- Credit/Debit Card Numbers: Multiple card types with validation
- Bank Account Numbers: Various national and international formats
- Tax Identification Numbers: Country-specific tax ID formats
- Social Insurance Numbers: National identification systems
Healthcare and Medical Data
- Medical Record Numbers: Healthcare identifier formats
- Drug Enforcement Agency (DEA) Numbers: US pharmaceutical tracking
- Healthcare Provider Identifiers: Various medical professional IDs
Government and Legal Data
- Passport Numbers: Multiple country formats
- Driver License Numbers: Regional license formats
- Social Security Numbers: National identification numbers
- Voter Registration: Electoral system identifiers
Communication and Technology
- Email Addresses: Various email format detection
- IP Addresses: IPv4 and IPv6 address formats
- Authentication Credentials: Login and access data
Example Policy Categories
Personal Data Policies
- Argentina Personal Data Policy
- Australia Personal Data Policy
- Brazil Personal Data Policy
- Canada Personal Data Policy
- China Personal Data Policy
- European Union Personal Data Policy
- United States Personal Data Policy
Sensitive Data Policies
- Australia Sensitive Data Policy
- Brazil Sensitive Data Policy
- Canada Sensitive Data Policy
- European Union Sensitive Data Policy
- United States Sensitive Data Policy
Industry-Specific Policies
- Healthcare Identifier Policies
- Financial Services Policies
- Government Document Policies
- Legal and Compliance Policies
Policy Management
Enabling Policies
Enable the predefined and custom policies you want to use for content inspection. Cyberhaven's content inspection engines will analyze the content to find matches based on the enabled policies. The enabled policies will be available for selection when applying the Content Attributes condition in a dataset.
Policy Limitations
Note
You cannot disable policies currently in use within a dataset.
Additionally, there is a limitation on the number of policies that can be enabled, which depends on the total number of unique rules included in the enabled policies.