Follow these steps to set up Data Leak Prevention in Mimecast. Data Leak Prevention is not the official name for this product in Mimecast; it is simply outbound mail filtering that screens for predetermined phrases or numbers and holds the message until it is approved by an administrator or moderator.

Step-by-step guide

  1. Log into the customer's administrator portal (https://login-us.mimecast.com/u/login/?gta=administration#/login)
  2. Select Gateway -> Policies.
  3. Select Definitions -> Content Definitions.
  4. Create a new folder under root called DLP.
  5. Open up the new folder and select New Content Definition.
    1. You will create a new content definition for each item that you want to filter for.
    2. Description: Name of the item that you are filtering for.
    3. Definition Type: Independent Content Definition.
    4. Activation Score: 1.
    5. Fuzzy Hash Setting: Do not use fuzzy hash techniques.
    6. Word Phrase Match List:
      1. Credit Card: Select Insert -> Mimecast Managed Reference Dictionary -> Link Content Reference (Lookup) -> Credit Card (Select) -> Save & Exit
      2. ABA Number (American Banking Association Number): 1 regex,aba (\d){9}
      3. CHI Number (Community Health Index Number): 1 regex,chinumber (([^\w\t]?\s)?\d){10}
      4. Email Address: 1 regex,email (\w+[@\.]\s*\w+\.*\w+)
      5. IBAN Number (International Bank Account Number): 1 regex,iban GB\s(\d){2}\sBARC(\s*\d){14}
      6. NI Number (UK National Insurance Number): 1 regex,nin \s*[a-zA-Z]{2}(?:\s*\d\s*){6}[a-zA-Z]?\s*
      7. NHS Number (National Health Service Number): 1 regex,nhsnumber (([^\w\t]?\s)?(-)?\d){10} & 1 regex,nhsnumber (([^\w\t]?\s)?(_)?\d){10}
      8. NPI Number (Health Identification Card Number): 1 regex,npi (?<!\d)\d{10}(?!\d)|80840\d{10}(?!\d)
      9. MOD10 (Modulus 10, used to validate Canadian Health and US Postal Service PIC numbers): 1 regex,mod10 (\d){9}
      10. SIN Number (Canadian Social Insurance): 1 regex,sin (\d){9}
      11. SSN (US Social Security Number): 1 regex,ssn ([^0-9-]|^)([0-9]{3}-[0-9]{2}-[0-9]{4})([^0-9-]|$)
      12. Phone Number: 1 regex,phoneNumberAU (\+?)\d{1,3}(\s)?(\(\d{1}\))?[\s\d-]+
      13. Phone Number plus Region: 1 regex,phoneNumber (\+?)\d{1,3}(\s)?(\(\d{1}\))?[\s\d-]+
      14. Postal Code or Region: 1 regex,postalcodeau [0-9]{4}
      15. VIN Number: 1 regex,vin [0-9A-HJ-NPR-Z]{17}
    7. Case Sensitive Match: Unchecked.
    8. Match Multiple Words: Unchecked.
    9. Scan Subject Line: Checked.
    10. Scan Message Headers: Unchecked.
    11. Scan Message ID: Checked.
    12. Scan Attachments: Checked.
    13. Scan Binary Attachment: Unchecked.
    14. Microsoft Excel Spreadsheet Scanning: Raw.
    15. Policy Action: Hold for Review.
    16. Hold Type: Administrator.
    17. The rest of the options you can leave as default.
    18. Click Save & Exit.
  6. Select Go Back.
  7. Click on Content Examination (Do not click definitions.)
  8. Click New Policy.
    1. You will need a policy for each Content Definition that you created.
    2. Options:
      1. Policy Narrative: Name of the Content Definition you created.
      2. Select Content Definition: Select the Definition that you created.
    3. Emails From:
      1. Addresses Based On: Both.
      2. Applies From: Internal Addresses (This could even be set to Everyone.)
      3. Specifically: Applies to all Senders.
    4. Emails To:
      1. Applies To: Everyone
      2. Specifically: Applies to all Recipients.
    5. Validity:
      1. Enable/Disable: Enable.
      2. Set Policy as Perpetual: Always On
      3. Policy Override: Unchecked.
      4. Bi Directional: Unchecked.
    6. Click Save & Exit.
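
With Activation Score 1 and Hold for Review, a single regex match holds the message, so it is worth running the patterns against sample text before enabling the policies. The script below is an added example, not part of the original guide or of Mimecast's tooling: it runs several of the regexes from step 5.6 over constructed messages using Python's `re` module, which is assumed here to treat these patterns the way Mimecast's engine does.

```python
import re
from collections import defaultdict

# Regexes copied from the Word Phrase Match List in step 5.6 (name -> pattern).
PATTERNS = {
    "aba": r"(\d){9}",
    "mod10": r"(\d){9}",
    "sin": r"(\d){9}",
    "email": r"(\w+[@\.]\s*\w+\.*\w+)",
    "nin": r"\s*[a-zA-Z]{2}(?:\s*\d\s*){6}[a-zA-Z]?\s*",
    "ssn": r"([^0-9-]|^)([0-9]{3}-[0-9]{2}-[0-9]{4})([^0-9-]|$)",
    "postalcodeau": r"[0-9]{4}",
}


def matching_definitions(text):
    """Return the names of the definitions whose regex matches text.

    IGNORECASE mirrors 'Case Sensitive Match: Unchecked'. Assumption:
    Python's re behaves like Mimecast's engine for these patterns.
    """
    return sorted(name for name, pattern in PATTERNS.items()
                  if re.search(pattern, text, re.IGNORECASE))


def duplicate_patterns():
    """Return groups of definitions that share one regex and so fire together."""
    groups = defaultdict(list)
    for name, pattern in PATTERNS.items():
        groups[pattern].append(name)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


# Constructed sample messages; the first three contain no sensitive data.
SAMPLES = [
    "Invoice 2024 is attached",
    "See report.pdf for details",
    "Order 123456789012 has shipped",
    "Employee SSN 123-45-6789",
]

if __name__ == "__main__":
    print("identical regexes:", duplicate_patterns())
    for msg in SAMPLES:
        print(f"{msg!r:36} -> {matching_definitions(msg)}")
```

Any benign sample that lists a definition here would be held for administrator review once the matching policy is enabled, which gives an early estimate of the review queue each definition will generate.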

 

 
