Content Identifier Policies
Content identification policies provide a mechanism to combine predefined and custom identification rules into a comprehensive policy to detect and report on content types found in the data Cyberhaven detect. The policies utilise the library of predefined or custom content identification rules to provide cover for a wide range of regulatory requirements, regional data protection laws, and industry-specific data types.
Overview
On the Content Identification Policies tab, you can:
- View all predefined and custom policies
- Create new custom policies
- Delete custom policies
- Enable/Disable the predefined and custom policies
Important Note Predefined policies cannot be deleted. These are managed by Cyberhaven and deployed automatically. If there is a requirement to modify a policy then make a duplicate copy and then you are able to modify the policy to your requirements.
Important Note Policies that are currently applied in a dataset cannot be deleted. To remove a custom policy first remove it from being referenced in any dataset.
Important Note There is a limitation on the number of policies that can be enabled, which depends on the total number of unique rules included in the enabled policies. This limit is set as part of platform configuration and will show in the UI.
Predefined Policy Library
Cyberhaven includes a comprehensive list of predefined policy templates that cover sensitive data detection for various countries, regions, and regulatory frameworks. Policies are named to help identify their region and the content types they are intended to identify, when a specific regulation or law is targeted this will be referenced in the name as well to aid with policy selection.
Policy Creation
To create a policy the platform supports two workflows, one with a simple builder that allows selection of policies with simple logic and an advanced builder that supports more complex logic and tunnig of individual settings.
To get to the policy builder from the side menu of the platform follow Settings -> Content Matching Rules -> Content Identifiers.
To build a new cotent policy select "Custom Policy", the side panel policy builder will be displayed with the options required to build a new policy with the regular method available.
Give the policy a name and description to help identify the policy in the list and then use the rules selection capability to select the required rules that will be used for matching.
There is a single option to select the logical operator for the application of rules, OR will allow a single match of any of the rules included in the policy to trigger a policy match, AND will require that all of the rules included are required to have a match before a policy match is generated.
When selecting rules there is the option included to allow for the selection of a minum number of match occurences for a rule before it is considered as a trigger for a policy match. This is set to the default of 1 initially, if it is a requirement to have more matches in the document then change this value to the required setting.
Note This setting for policies is not for unique matches. This means if the same match object is seen in the scanned content many times it can trigger the minimumm ocurrences capability. Unique match count is available and exposed in the advanced builder.
Policy Enablement
To make policies available for use in classification you must enable it, once enabled the rules will appear in the relevant location in the platform for use in elements such as datasets.
Once enabled, Cyberhaven's content inspection engines will analyze the content to find matches based on all evaluation of all of the enabled policies. When reporting matches for content inspection all matches for the object will be shown in the content report.