# Create Data Rules for accurate Sensitive Data Classification ## Table of contents 1. [Creating Data Rules by Selecting Predefined Criteria](#creating-data-rules-by-selecting-predefined-criteria) 2. [Creating Data Rules Using Custom Criteria](#creating-data-rules-using-custom-criteria) - [Regex Pattern](#regex-pattern) - [Keyword Matching](#keyword-matching) - [Document Matching](#document-matching) - [File Extensions](#file-extensions) ## Create Data Rules Data rules are essential criteria for identifying sensitive information within datasets. Defining these rules is a critical first step in ensuring comprehensive data security. Data rules provide a foundation for meeting compliance standards like HIPAA, PCI DSS, and GDPR through predefined criteria. Organizations can also create custom data rules tailored to their specific requirements, ensuring compliance and security. ![Create Data Rules](https://www.manageengine.com/products/desktop-central/help/images/endpoint-dlp-1.png) The Data rules are created by following the steps explained below: 1. Navigate to the **Endpoint DLP** -> **Data Classification -> New Data rules** 2. Enter a name for the Data Rule and optionally provide a description. ## Creating Data Rules by Selecting Predefined Criteria Create data rules by selecting predefined criteria, categorized by Source Code, PII, Health, Finance, PCI DSS, or HIPAA. Toggle between categories or search for specific criteria using the search bar. ![Creation of Data Rules](https://www.manageengine.com/products/desktop-central/help/images/endpoint-dlp-2.png) Alternatively you can filter the data rule list by clicking the filter icon and selecting a country to display country-specific rules. ![Creation of Data Rules](https://www.manageengine.com/products/desktop-central/help/images/endpoint-dlp-3.png) Clicking on the **Save** button associates the selected criteria with the data rules. ## Creating Data Rules Using Custom Criteria Apart from standard templates, Endpoint DLP allows users to create custom data rules, offering flexibility for tailored data protection. **Custom Rule**: Select the Create Custom Rule option and choose from [Regex patterns](#regex-pattern), [Keyword Matching](#keyword-matching), [Document Matching](#document-matching), and [File-Extensions](#file-extensions). ![Creation of Data Rules](https://www.manageengine.com/products/desktop-central/help/images/endpoint-dlp-4.png) ### Regex Pattern Regex (Regular Expression) is used for searching text that matches specific patterns. For Example: `^\d{3}-\d{2}-\d{4}$` matches a string that represents a Social Security Number (SSN) format: 123-45-6789 Add a rule name -> Enter the Regex pattern -> Enter the number of pattern occurrences to mark the file as sensitive. ![Create Data Rules](https://www.manageengine.com/products/desktop-central/help/images/cdr1.png) **Note:** Occurrences refer to the number of times a pattern must appear in a file for it to be flagged as sensitive. For example, if the occurrence threshold is set to 3, the document will only be marked as sensitive if the specified regex pattern is found at least 3 times. ### Keyword Matching Keyword matching scans documents for exact terms and automatically classifies files containing those predefined keywords as sensitive. For Example: If you add "Social Security Number" as a keyword, the system will classify any document containing that exact phrase as sensitive. Add a rule name -> Attach txt/csv file containing list of keywords -> Enter the number of keyword occurrences to mark the file as sensitive. Choose whether the predefined keywords should be case-sensitive or not. ![Create Data Rules](https://www.manageengine.com/products/desktop-central/help/images/cdr2.png) ### Document Matching Document matching checks files for content similarity with a source document and classifies them as sensitive based on the chosen match percentage. Add a rule name -> Attach doc/docx/pdf file -> Enter required match percentage. ![Create Data Rules](https://www.manageengine.com/products/desktop-central/help/images/cdr3.png) **Note:** Attached file must contain at least 10 Words ### File Extensions File extensions are used to automatically classify all files of specified file types as sensitive. Enter the Rule Name -> Add extensions to mark specific file types as sensitive. ![Create Data Rules](https://www.manageengine.com/products/desktop-central/help/images/cdr4.png)