| Configuring policies / Data control policy | |
A Content Control List (CCL) is a set of conditions that describe structured file content. A Content Control List may describe a single type of data (for example, a postal address or social security number) or a combination of data types (for example, a project name near to the term "confidential").
You can use SophosLabs Content Control Lists that are provided by Sophos or create your own Content Control Lists.
SophosLabs Content Control Lists provide expert definitions for common financial and personally identifiable data types, for example, credit card numbers, social security numbers, postal addresses, or email addresses. Advanced techniques, such as checksums, are used in SophosLabs Content Control Lists to increase the accuracy of sensitive data detection.
You cannot edit SophosLabs Content Control Lists, but you can submit a request to Sophos to create a new SophosLabs Content Control List. For details, see Sophos knowledgebase article 51976.
Most SophosLabs Content Control Lists have quantity assigned to them.
A quantity is the volume of the Content Control List key data type that must be found in a file before the Content Control List is matched. You can edit the quantity of a SophosLabs Content Control List in a content rule that includes that Content Control List.
Using quantity, you can fine-tune your data control rules and avoid blocking documents that do not contain sensitive information (for example, a document containing one postal address or one or two telephone numbers, possibly in the letterhead, footer or signature). If you search for a single postal address, thousands of documents may match the rule and trigger a data control event. However, if you want to prevent the loss of a customer list, you may want to only detect the transfer of documents containing, for example, more than 50 postal addresses. In other cases, however, it may be advisable to search for a single instance of content, for example, a credit card number.