New York Data Loss Prevention User Group

 View Only
  • 1.  DLP Policy Naming Convention

    Posted Oct 31, 2016 12:02 PM

    I'm starting to roll out more policies in DLP, I was wondering if you would be willing to share naming conventions or patterns that you use to keep the policies organized.

     

    I haphazardly use these now (pipe | used to seperate fields):

    Law/Policy | email/web | use O365? | Detect/Block



  • 2.  RE: DLP Policy Naming Convention
    Best Answer

    Trusted Advisor
    Posted Nov 01, 2016 07:58 AM

    hello,

     i used to define polci naming rule in the following way

    - Population scope : especially when DLP is deployed for companies with many branches across the world

    - Leakage channel covered by the policy (mail, web, endpoint, cloud, discover,....)

    - remediation action in place in the policy (blocking, quarantine, monitoring, encryption,....)

    - policy label (short description of use case / law / regulation covered by this policy)

    I usually used _ as fields separator as it is more "readable" (at least fro mmy point of view).

    For the first three parameters i used acronyms or short version of value in ordert to keep policy name as short as possible, because if not name are splitted in DLP UI which made them less readable and manageable.

    regards