Symantec Data Loss Prevention (DLP)
Exact Data Matching (EDM) is the most accurate form of detection. EDMs are also the most complex to set up and maintain. To ensure that your EDM policies are as accurate as possible, consider the recommendations in this document when you implement your EDM profiles and policies.
Indexed Document Matching (IDM) is designed to protect document content and images. IDM relies on an index of fingerprinted documents to perform partial and derivative text-based content matching. In addition, you can also use IDM to match indexed documents exactly, based on their binary stamp. Including not only text-based documents but also graphics and media files.
Due to the broad range of matching supported by IDM, consider the best practices in this document to implement the IDM policies that accurately match the data you want to protect.
EDM Best Practices:
IDM policy best practices:
Data and Document Profiles in the Cloud Best Practices:
Best Practices for these Profiles in the cloud are the same as on-premises detection servers. With Cloud Detectors, however, all two-tier indexes must be free from any errors, at least for the first profile that is uploaded to a new Detector. This caution also includes Active Directory indexes, which are stored as an EDM Profile.