Privacera Platform master publication

Rules

:

You can create and manage custom and system-provided rules in Privacera Discovery. By executing the conditions in each rule, Discovery applies classifications to your data. The output tag associated with the processed rule is applied to the resource as the final tag.

The generation of tags depends on the order of the rules. See Processing Order of Scan Techniques and Reorder Structured Rules.

You can also create rule mappings.

Types of rules

There are three types of rules in Privacera Discovery:

  • Structured

  • Unstructured

  • Post-processing

Example rules and classifications

Based on the tags found in a structured or unstructured rule or a table in various columns, we can assign a tag to the file or the table. This is an AND conditions of output tags. For example, you can set multiple rules as follows:

  1. If a file has PERSON_NAME AND EMAIL AND SSN , tag as PII.

  2. If a file has USER_ID AND GEO, tag as SENSITIVE .

  3. If a file has USER_ID AND IP , tag as SENSITIVE .

Create a structured rule

To create a structured rule:

  1. From the navigation menu, select Discovery > Rules.

  2. On the Rules page, click Structured > Create Rule.

    The Create Rule dialog is displayed.

  3. In the Create Rule dialog, enter the following details:

    • Name: The name of the rule.

    • Description: A description of the rule (optional).

    • Must Have: From the dropdown menu, select dictionaries, patterns, or models to be included in the rule.

    • Must Not Have: From the dropdown menu, select dictionaries, patterns, or models to be included in the rule.

    • Score Type: From the dropdown menu, select one of the following options:

      • Auto: If the rule is applied, the resource is classified as System.

      • Review: If the rule is applied, the resource is classified as Pending Review.

    • Output Tags: The tags associated with the rule.

    • Key For Samples: The keys from the objects in the Must Have dropdown menu.

    • Enable rule: The rule is enabled or disabled.

  4. Review the information in Rule preview section.

  5. Click Save.

    The structured rule is created.

Reorder structured rules

Rule order decides the priority of the rules applied during classification.

To reorder rules:

  1. On the Rules page, click Reorder.

  2. Drag the rules up or down to change the order.

  3. Click Save Order.

    The new order is saved.

Create an unstructured rule

To create an unstructured rule:

  1. From the navigation menu, select Discovery > Rules.

  2. On the Rules page, click Unstructured > Create Rule.

    The Create Rule dialog is displayed.

  3. Enter the following details:

    • Rule Name: Name of the rule.

    • Description: Description of the rule (optional).

    • Must Have: From the dropdown menu, select dictionaries, patterns, or models to be included in the rule.

    • Must Not Have: From the dropdown menu, select dictionaries, patterns, or models to be excluded from the rule (optional).

    • Word Proximity: Name of a pattern to identify sensitive information within the specified number of words.

    • Key order strict: Using the toggle, indicate whether key order is strictly followed.

    • Enable rule: Using the toggle, enable or disable the rule.

  4. Review the information in the Rule preview section.

  5. Click Save.

The unstructured rule is created.

Create a rule mapping

To create a rule mapping:

  1. From the navigation menu, select Discovery > Rules.

  2. On the Rules page, click Rule Mapping > Add Mapping.

    The Add Key Tag Mapping dialog is displayed.

  3. From the Key dropdown menu, select a dictionary, pattern, or model.

  4. From the Tag dropdown, select a tag.

    Note

    You can add multiple keys and tags by clicking +.

  5. Click Save

    The rule mapping is created.

Export rules and mappings

To export a rule file in JSON format for a structured rule:

  1. From the navigation menu, select Discovery > Rules.

  2. Click Export.

  3. Select the files you wish to export.

  4. Click Export

The rule file is exported.

Import rules and mappings

To import a JSON rule file for a structured rule:

  1. From the navigation menu, select Discovery > Rules.

  2. On the Rules page, click Import.

    The Import dialog is displayed.

  3. Click Choose File and select the JSON file.

    Note

    Selecting Clean Previous deletes all existing rules.

  4. Click Save.

The rule file is imported.

Post-processing in real-time and offline scans

With post-processing, the data is scanned and then the rules are applied on the tagged data in multiple passes. Post-processing can be used with both real-time and offline scans. Based on the output tags of the rules applied after the initial scan, with post-processing you can add additional tags on the parent or child data resources.

Post-processing rules should be applied after datazone and tag propagation is done.

For example, after the initial scan of a structured or unstructured file or columns within a table, Privacera Discovery will identify the data and classify them with tags based on the rules. After the initial scan has tagged various columns within a table or a file, you can use post-processing rules to assign additional tags to the file or the parent table.

Enable post-processing

To enable post-processing:

  1. Navigate to Setting > System Configuration.

  2. Search for the property privacera.portal.rules.post_process.enable=false.

    Note

    The default setting is false.

  3. Set the property to true.

Example of post-processing rules on tags
  1. From the navigation menu, select Discovery > Rules.

  2. On the Rules page, select Post-Processing.

  3. Create a new rule with the following condition: If PERSON_NAME and SSN are found, apply the SENSITIVE tag.

  4. Rescan the file to apply the post-processing rules.

    The fields are now classified as SENSITIVE and the tag is applied in the unformatted view.

List of structured rules

The following is a list of the Privacera-supplied structured rules. For more information about any, look at the pattern itself in the Platform UI.

  • Australia Bank Account Number

  • Australia Bank BSB code

  • Australia Driver License

  • IBAN Rule

  • rule_auto_1P

  • rule_auto_2P

  • rule_auto_3P

  • rule_auto_4P

  • rule_auto_5M

  • rule_auto_6M

  • rule_auto_7M

  • rule_auto_8M

  • rule_auto_9M

  • rule_biometric

  • rule_biometric_keyword

  • rule_cc

  • rule_city_name

  • rule_criminal_keyword

  • rule_dob

  • rule_email

  • rule_ethnicity_keyword

  • rule_gps

  • rule_gps_6_digit

  • rule_medical_keyword

  • rule_national_id

  • rule_password

  • rule_person_name

  • rule_phonenumber

  • rule_pii_id_keyword

  • rule_political_keyword

  • rule_religion_keyword

  • rule_sexual_orientation_keyword

  • rule_ssn_4_digit

  • rule_ssn_9_digit

  • rule_ssn_strict

  • rule_ssn_strict_fallback

  • rule_state_name

  • rule_street_address

  • rule_tax_id_9_digit

  • rule_tax_id_strict

  • rule_trade_union_keyword

  • Rule US ABA Routing Number

  • Rule US ABA Routing Number 2

  • rule_us_dlicense_keyword

  • rule_us_zip

  • rule_viewership_keyword

  • rule_web_keyword

  • SWIFT BIC Bank ID rule

  • SWIFT BIC Bank ID Rule 2

  • UK Driver License Rule

  • UK Electoral Roll number

  • UK NHS Rule

  • UK NHS Rule 2

  • UK NINO Rule

  • UK NINO RULE 2

  • UK Phone Number Rule

  • UK Postal Code

  • UK Postal Town

  • UK US Passport