ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
False positives for Social Security Number (SSN) data identifiers
Article ID: 160047
Updated On:
Products
Data Loss Prevention Enforce
Issue/Introduction
False positives are created for SSN Data Identifiers because of the wide scope of the data identifiers Symantec Data Loss Prevention (DLP) uses.
Resolution
Replace SSN Data Identifier with the more modern Randomized Social Security Data Identifier.
- Login to the Enforce console
- Select Manage > Policy > Policy List
- Create a new SSN policy or edit an existing SSN policy.
- Add a new "Content Matches Data Identifier" rule and select 'Randomized US Social Security Number (SSN)' from the drop down list, and click the next button.
- Randomized US SSN only allows Medium and Narrow Breadth
- Complete the configuration of the rule as required, and save the policy.
Minimize the false SSN positives by using a Medium or Narrow Breadth
- Login to the Enforce console
- Select Manage > Policy > Policy List
- Select the SSN Data Identifier policy
- Choose the Rule that contains the SSN Data Identifier
- Under Conditions select the SSN Condition
- Set the Breadth to Narrow (more strict) or Medium
- Click OK
In addition, Exact Data Matching (EDM) of all SSN can be used in conjunction with the names to ensure no false positives. See Detecting Content using Exact Data Matching (EDM) in the Symantec Data Loss Prevention Administration Guide
Feedback
Yes
No
Powered by
