SSN Detection Alert with GAT Shield

To set up an alert rule in  GAT Shield for Social Security Number detection

Within GAT Shield you will find a template rule for detecting Social Security Numbers on any website you users visit or if they themselves type it into a webpage.

1. In the Configuration Area, Alert Rules click on ‘Add a template rule’ and choose US SSN entered.

2. Take the following actions:

  • Check the box to activate the rule.
  • Select the users, groups or Org Unit you want this rule to be applied to, If you leave the Scope blank all users with GAT Shield extension will be covered.
  • (Optional) Show a warning message or take no end user action.
  • (Optional) Report matched Text – will send you the text they typed attached with the email you receive.
  • (Optional) Check the box ‘Report Screen Capture’ to take a screenshot of the page.
  • (Optional) Check the box ‘Report Webcam Capture’ to take a web picture of the user behind the device.

3. Click on Save.

The reg. ex. Inside of this template matches any valid SSN and by default, it has a weight of 1. If other keywords occur on the same page they each have their own weight. If the total weight is equal to or above 3 the rule will be fired.
You can also add your own keyword, or edit the regex, to exclude numbers like local area codes as an example (345,214,526,732)

The regex option we have is:
\b(?!000)(?!666)([0-6]\d{2}|7([0-356]\d|7[012]))[- ]?(?!00)\d{2}[- ]?(?!0000)\d{4}\b

We can edit this to exclude your local code:
\b(?!00)(?!000)(?!345)(?!214)(?!526)(?!732)(?!666)([0-6]\d{2}|7([0-356]\d|7[012]))[- ]?(?!00)\d{2}[- ]?(?!0000)\d{4}\b

Once you select the scope you would like to cover the rule will be active and alerts will be sent to an Admin every time the rule is violated.

Example of an email received by a super admin.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *