Overview

You can use Custom Sensitive Data Types in Netskope One DSPM to classify fields, filter searches, and create queries and policies around specific data types that are not included in the platform's default list of sensitive data types. This article outlines how to manage your Custom Sensitive Data Types, including how to create, edit, and delete them, so you can best leverage the capability in Netskope One DSPM.

Creating Custom Sensitive Data Types

To create a Custom Sensitive Data Type, click on Classification → Sensitive Data Types from the left side nav. You will see a list of all Custom Sensitive Data Types and their categories within your Netskope One DSPM instance.

1.  Click on Create Sensitive Data Type button.
2.  Input a Name and select the Sensitive Data Type Category from the dropdown. You can also create a new Sensitive Data Type category.
3.  If you mark the Display as Masked checkbox, the Masked icon will appear on both the Sensitive Data Types and Classification Management screens:

After you create a custom sensitive data type:

1. You can classify a field with that sensitive data type. Click on Classification in the left nav, and, in the pull-downs in the Sensitive Data Type column, you’ll find every custom sensitive data type listed, and you can change classifications accordingly.
   1. Adjust sensitivity levels
   2. Add, remove, or create new tags associated with a sensitive data type
   3. Enable or disable a sensitive data type or category using the purple status toggle
2. You can filter searches on the Data Classification Page by a custom sensitive data type by clicking on the filter button above the table. The filter panel will appear.
3. On the Home page and Alerts page, alerts will appear for any queries that have policies protecting these custom sensitive data types.

Custom Sensitive Data Types can be configured to utilize regular expressions to match either Field names or data content. Please visit the following articles for more information:

• Using Regular Expressions in Custom Sensitive Data Types 
• Using Data Dictionaries in Custom Sensitive Data Types 

Editing Custom Sensitive Data Types

Once you've created a Custom Sensitive Data Type, you can edit it any time using the pencil (edit) icon on the far right Actions column on the same screen from Classification → Sensitive Data Types.

When editing an existing Custom Sensitive Data Type, you will see a pop-up modal to confirm whether you are choosing to reclassify all non-reviewed fields, only those of the same Sensitive Data Type, or none. This helps improve performance and reduce unnecessary re-evaluation of your previously-classified data stores.

Deleting Custom Sensitive Data Types

Custom sensitive data types can be deleted at any time from the same screen, using the red trash (delete) icon on the far right Actions column. When deleting, you'll see a similar popup warning informing you of how the deleted Sensitive Data Type will impact future scans. Review before moving forward with the deletion.

A similar popup warning will appear when a custom sensitive data type is referenced by files (for unstructured data). Review it before proceeding.

When a custom sensitive data type is deleted and it will affect an active policy, you will need to remove it from the policy conditions before deleting.

Disabling Custom Sensitive Data Types and Categories

Use the purple toggle under the Status column to disable (or enable) an individual sensitive data type or an entire category. Popup warnings detail how disabling a category or sensitive data type will impact classification moving forward. Review before proceeding.