Detect sensitive content with Safetica 8.3

Safetica originally started out as a context DLP. Back in the day, this was the market standard. In the past few years, however, the requirements for regulatory compliance and the consecutive switch of working tools have resulted in a new DLP need. Nowadays it is necessary to protect specific content, regardless of what the files or data chunks are part of. After slowly introducing our first content aware capacities over the last year, we now are happy to present content detection in the core DLP modules: Safetica data categories and security policies.

How does the new content-aware DLP work?

Let’s say you want to protect social security and credit card numbers in your company. All you need to do is create a new sensitive content data category and turn it on in the category settings. Next, you link your chosen security policy to this data category and you’re done! You can also launch data discovery tasks to locate potentially sensitive files before imposing any restrictions on them.

Sensitive content data categories dynamically detect configured content at the moment when the user is working with it. You no longer need to specify complicated rules to describe your important data nor do you have to pre-tag the data before applying protection. Now you can simply set what type of content you want to protect – using our built-in algorithms and dictionaries, or your own keywords or regular expressions – and you’re good to go!

Moreover, the new data category type is detected dynamically and is applied when needed. This not only simplifies the initial DLP configuration, but the subsequent maintenance becomes much easier too. Sounds awesome, doesn’t it?

What if your data is already classified?

If you already have a classification system in place and all your data is assigned a sensitivity level, all that´s left to do is protect it. The new Safetica 8.3 can do that too. By creating and configuring a new “existing classification” type of data category, you can teach Safetica to read your third-party classification. Then your classified data can be dynamically detected in the files you are working with. So your security policies for this data are enforced and the user actions performed with these files are restricted. And no additional tags are used here, either. Why complicate things, right?

Save contextual tags for specific scenarios

There may be a few situations where context approach might still be useful. To secure unstructured data for example, context-based policies can be powerful and versatile. That´s why you can still choose to use contextual rules to define your data and apply Safetica tags to them – just like before. We’ve even created some new settings that will help mitigate user experience problems that some of you have had when copying data from contextually tagged files.

That said, this contextual approach often leads to too much maintenance and expected or unexpected complexity, and we encourage you to try the new content-aware DLP approach that you will find in Safetica 8.3.  It is a really very fast and easy way to define, discover and protect your data without too much maintenance. Don’t use a sledgehammer to crack a nut. Give our new content-aware DLP a try and you might find that it’s everything you’ve needed, minus the unnecessary complexity.

Do you want to try the newest version of Safetica 8.3 on your own? Our demo version is available to you.

Try it now!



This article has 6 comments

  1. Ján Lakatoš

    Hello Maneesh
    thank you for your comment. Yes, Safetica content-aware protection also supports the notes e-mail protocol as well as other traditional e-mail protocols.
    Best regards
    Ján Lakatoš

  2. Rainy


    Let’s say we put all the data we need to protect in a folder on windows server, and share that folder to other PCs to access and work with. how would we protect other user from leaking that data outside since we cant install safetica client on a server OS?

  3. Martin Trčka

    Hello Rainy,

    Safetica is a solution that focuses on end-point stations. If you want to protect data, you need to have our client. This client works also on Windows Server 2008 R2 and higher. Therefore, if you tag the data in a specific folder on the server and allow access to your users with the Safetica client installed, you will be able to determine how these end-point stations will be able to work with the data. It also depends on how users access the data. If a single access is via RDP (Remote Access), a client installed only on the server would be enough. If the server disk is shared and mapped to the entire environment, our client will be required at every end-point station that can do so.

    Best regards
    Martin Trčka

  4. Rainy

    Thank you Martin Trčka for the answer, that is great.
    One last thing, is safetica able to prevent a user to delete a file that is tagged and applied security policy already?

    Thank you.

  5. Martin Trčka

    Unfortunately not. Safetica’s primary goal is to protect data from their leakage, not removal. However if someone deletes the classified data, this operation is going to be recorded and available in your consoles. The only option here would be to store the data in selected folder and set the access to read-only mode (using Safetica).

    Best regards


Leave a Comment

Your email address will not be published.