CHECK POINT 2013 SECURITY REPORT
Our research included inspection of dozens of various data
types searching for potential data loss events. The following
list presents the top data types inspected and detected by
Check Point DLP Software Blade.
Source Code - Matches data containing programming
language lines, such as C, C++, C#, JAVA and more;
indicates leaks of intellectual property.
Credit Card Information - Includes two data types: credit card
numbers and PCI - Sensitive Authentication Data.
• Credit card numbers:
Match Criteria: Related to Payment Card Industry
(PCI); matches data containing credit card numbers of
MasterCard, Visa, JCB, American Express, Discover and
Diners Club; match is based on both pattern (regular
expression) and validation of check digits on the schema
defined in Annex B of ISO/IEC 7812-1 and in JTC 1/
SC 17 (Luhn MOD-10 algorithm); indicates leaks of
confidential information.
Example: 4580-0000-0000-0000.
• PCI - Sensitive Authentication Data:
Match Criteria: Related to Payment Card Industry
(PCI); matches information that is classified as Sensitive
Authentication Data according to the PCI Data Security
Standard (DSS). Such data, unlike Cardholder data, is
extremely sensitive and PCI DSS does not permit its
storage. Matches data containing credit card magnetic
stripe track data (track 1, 2 or 3), an encrypted or
unencrypted PIN block and a Card Security Code (CSC).
Examples: %B4580000000000000^JAMES/L.^99011200000000000?,
2580.D0D6.B489.DD1B, 2827.
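The credit card number match criteria above (a regular-expression pattern plus Luhn MOD-10 check-digit validation) can be sketched as follows. This is an added example, not Check Point's implementation; the brand prefix patterns are simplified assumptions and the sample text is constructed.

```python
import re

# Candidate pattern: 13-19 digits, optionally separated by single spaces or hyphens.
CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

# Simplified prefix/length patterns for the brands the report names
# (assumption: production DLP engines use fuller, regularly updated range tables).
BRANDS = [
    ("Visa", re.compile(r"4\d{12}(?:\d{3})?$")),
    ("MasterCard", re.compile(r"5[1-5]\d{14}$")),
    ("American Express", re.compile(r"3[47]\d{13}$")),
    ("Discover", re.compile(r"(?:6011|65\d\d)\d{12}$")),
    ("JCB", re.compile(r"35(?:2[89]|[3-8]\d)\d{12}$")),
    ("Diners Club", re.compile(r"3(?:0[0-5]|[68]\d)\d{11}$")),
]

def luhn_valid(digits: str) -> bool:
    """Luhn MOD-10: double every second digit from the right, sum, test mod 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def find_card_numbers(text: str):
    """Return (brand, masked number) for candidates passing both pattern and Luhn."""
    hits = []
    for m in CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        brand = next((name for name, pat in BRANDS if pat.match(digits)), None)
        if brand and luhn_valid(digits):
            # Mask the middle digits so the detection log does not itself leak the number.
            masked = digits[:6] + "*" * (len(digits) - 10) + digits[-4:]
            hits.append((brand, masked))
    return hits

# Constructed sample: the report's example number, a near miss that fails the
# check digit, a widely published Amex test number, and an unrelated 16-digit ID.
SAMPLE = (
    "Order paid with 4580-0000-0000-0000, retry used 4580-0000-0000-0001; "
    "backup card 3782 822463 10005 on file. Tracking id 1234567890123456."
)

if __name__ == "__main__":
    for brand, masked in find_card_numbers(SAMPLE):
        print(brand, masked)
```

The check-digit step is what keeps order numbers and tracking IDs that merely look like card numbers from raising false positives.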
Password protected file - Matches files that are either
password protected or encrypted. Such files may contain
confidential information.
Pay slip file - Matches files containing a pay slip, also known
as pay stub, pay advice and paycheck stub; indicates loss of
personal information.
Confidential email - Matches Microsoft Outlook messages
that were marked by the sender as 'Confidential'; such
emails usually contain sensitive information. Note:
Microsoft Outlook allows the sender to mark sent emails
with various sensitivity values; this Data Type matches
emails that were marked as 'Confidential' using the Outlook
sensitivity option.
Salary compensation information - Matches documents
containing words and phrases with employee compensation
data such as: salary, bonus etc.
Other data types detected during the research: Hong Kong
Identity Card, Financial Report Terms, Bank Account
Numbers, Finland IBAN, Canada Social Insurance
Number, FERPA - Confidential Educational Records, U.S.
Zip Codes, UK VAT Registration Number, Mexico Social
Security Number, U.S. Social Security Numbers, Student
Grades – GPA, Hong Kong Identity Card, Bank Account
Numbers, Salesforce Reports, Finland Personal Identity
Code, ITAR - International Traffic in Arms Regulations,
Sensitive personal records, CAD-CAM Designs or Graphic
Design File, HIPAA - Protected Health Information,
France Social Security Number, Employee Names, New
Zealand Inland, PCI - Cardholder Data, U.S. Driver License
Numbers, HIPAA - Medical Record Number, Canada
Social Insurance Number, Finland IBAN, HIPAA - ICD-9,
Denmark IBAN, Finland VAT Number, Finland Personal
Identity Code, International Bank Account Number –
IBAN, Hong Kong Identity Card and others.
APPENDIX D: DLP DATA TYPES