ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

False positives for Social Security Number (SSN) data identifiers


Article ID: 160047


Updated On:


Data Loss Prevention Enforce


False positives are created for SSN Data Identifiers because of the wide scope of the data identifiers Symantec Data Loss Prevention (DLP) uses.


Replace SSN Data Identifier with the more modern Randomized Social Security Data Identifier.

  1. Login to the Enforce console
  2. Select Manage > Policy > Policy List
  3. Create a new SSN policy or edit an existing SSN policy.
  4. Add a new "Content Matches Data Identifier" rule and select 'Randomized US Social Security Number (SSN)' from the drop down list, and click the next button.
    • Randomized US SSN only allows Medium and Narrow Breadth
  5. Complete the configuration of the rule as required, and save the policy.

Minimize the false SSN positives by using a Medium or Narrow Breadth

  1. Login to the Enforce console
  2. Select Manage > Policy > Policy List
  3. Select the SSN Data Identifier policy
  4. Choose the Rule that contains the SSN Data Identifier
  5. Under Conditions select the SSN Condition
  6. Set the Breadth to Narrow (more strict) or Medium
  7. Click OK

In addition, Exact Data Matching (EDM) of all SSN can be used in conjunction with the names to ensure no false positives. See Detecting Content using Exact Data Matching (EDM) in the Symantec Data Loss Prevention Administration Guide