Page 48 - Check Point 2013 Security Report

049

CHECK POINT 2013 SECURITY REPORT

Our research included inspection of dozens of various data

types searching for potential data loss events. The following

list presents the top data types inspected and detected by

Check Point DLP Software Blade.

Source Code

- Matches data containing programming

language lines, such as C, C++, C#, JAVA and more;

indicates leaks of intellectual property.

Credit Cart Information

- Includes two data types: credit card

numbers and PCI - Sensitive Authentication Data.

• Credit card numbers:

Match Criteria:

Related to Payment Card Industry

(PCI); matches data containing credit card numbers of

MasterCard, Visa, JCB, American Express, Discover and

Diners Club; match is based on both pattern (regular

expression) and validation of check digits on the schema

defined in Annex B of ISO/IEC 7812-1 and in JTC 1/

SC 17 (Luhn MOD-10 algorithm); indicates leaks of

confidential information.

Example:

4580-0000-0000-0000.

• PCI - Sensitive Authentication Data:

Match Criteria:

Related to Payment Card Industry

(PCI); matches information that is classified as Sensitive

Authentication Data according to PCI Data Security

Standard (DSS). Such data, unlike Cardholder data, is

extremely sensitive and PCI DSS does not permit its

storage. Matches data containing a credit card magnetic

stripe track data (track 1, 2 or 3), an encrypted or

unencrypted PIN block and a Card Security Code (CSC).

Examples:

%B4580000000000000^JAMES

/L.^99011200000000000?, 2580.D0D6.B489.DD1B,

2827.

Password protected file -

Matches files that are either

password protected or encrypted. Such files may contain

confidential information.

Pay slip file -

Matches files containing a pay slip, also known

as pay stub, pay advice and paycheck stub; indicates loss of

personal information.

Confidential email -

Matches Microsoft Outlook messages

that were marked by the sender as ‹Confidential›; such

emails usually contain sensitive information. Note:

Microsoft Outlook allows the sender to mark sent emails

with various sensitivity values; this Data Type matches

emails that were marked as ‹Confidential› using Outlook

sensitivity option.

Salary compensation information-

Matches documents

containing words and phrases with employees compensation

data such as: salary, bonus etc.

Other data types detected during the research:

Hong Kong

Identity Card, Financial Report Terms¸ Bank Account

Numbers, Finland IBAN, Canada Social Insurance

Number, FERPA - Confidential Educational Records, U.S.

Zip Codes, UK VAT Registration Number, Mexico Social

Security Number, U.S. Social Security Numbers, Student

Grades – GPA, Hong Kong Identity Card, Bank Account

Numbers, Salesforce Reports, Finland Personal Identity

Code, ITAR - International Traffic in Arms Regulations,

Sensitive personal records, CAD-CAMDesigns or Graphic

Design File, HIPAA - Protected Health Information,

France Social Security Number, Employee Names, New

Zealand Inland, PCI - Cardholder Data, U.S. Driver License

Numbers, HIPAA - Medical Record Number, Canada

Social Insurance Number, Finland IBAN, HIPAA - ICD-9,

Denmark IBAN, Finland VAT Number, Finland Personal

Identity Code, International Bank Account Number –

IBAN, Hong Kong Identity Card and others.

APPENDIX D:

DLP DATA TYPES

D