Using DLP to protect credit card data – part 2

Words by

John Carl Villanueva

If you followed the steps in Part 1, then you should now have a DLP-enabled group. That group directory will have the capability to detect files stored in it that contain certain credit card numbers. If a member of that group attempts to download such a file, the server will prevent the download from taking…

Published in:

/

Business Process Automation, JSCAPE MFT, Managed File Transfer, Secure File Transfer

If you followed the steps in Part 1, then you should now have a DLP-enabled group. That group directory will have the capability to detect files stored in it that contain certain credit card numbers. If a member of that group attempts to download such a file, the server will prevent the download from taking place and fire a “DLP rule matched” event. In the screenshot below, a user is prevented by JSCAPE’s DLP from downloading a file containing MasterCard numbers.

Here in Part 2, we’re going to show you how to catch that event and perform certain trigger actions off of it.

If you prefer to watch a video version of this blog post, click play below. Otherwise, just proceed.

Being able to prevent group members from downloading files that they shouldn’t have access to is already a step in the right direction in terms of securing files in your managed file transfer server. But we won’t stop there. In our succeeding discussions, you’ll also learn how to:

Send an email notification (presumably to a system administrator) warning that credit card information may have been detected in the group directory question, and
Render the file unreadable using OpenPGP encryption.

Remember in Part 1, we chose “deny all” when setting the Access level. That setting is the reason why the download shown in the screenshot above was not allowed to push through.

Are all these actions of notifying, encrypting, and denying access absolutely necessary? Maybe not. But if your company is covered by regulations like PCI DSS, then they probably are. PCI DSS has certain requirements that specify where credit card information should be stored and who should have access to them.

Recommended read: Guide To PCI DSS Compliant File Transfers

If the group in question is not authorized to view such information, then the file containing the credit card information is certainly in the wrong place and something has to be done about it immediately.

Sending an email that credit card information may have been detected

Here’s how you set JSCAPE MFT Server to automatically send an email once a DLP rule match occurs.

sending-email-notification-detect-credit-card-file-upload

Go to the Triggers node and click the Add button.

01-jscape-mft-server-pgp-encrypt-trigger-resized-600

Give the trigger a descriptive name and choose DLP Rule Matched from the Event Type drop-down list. Click Next.

2-01-dlp-rule-matched

Click Next.

2-02-trigger-conditions

Click Add.

2-03-add-trigger-action

Select Send Email from the Action drop-down list and then click OK.

2-04-send-email-trigger-action

In the next screen, enter information pertinent to the sender’s email account like the Hostname, Port, Connection Type, Username, and Password. The values you enter into the Hostname, Port, and Connection Type will depend on the email hosting service. What you see here is for Gmail. Enter the sender’s email into the From field and the recipient’s email into the To field.

2-05-send-email-trigger-action-parameters

Enter a descriptive Subject (e.g. DLP Match Alert) and then add more details regarding the incident into the Body. Here’s what we used for our Body:

%RuleName% numbers may have been detected.

Affected Group: %LocalDir%

Affected Filename: %LocalPath%

Detection occurred at %Hour%:%Minute% on %DayOfMonth%-%Month%-%Year%

Notice how we’ve employed a couple of variables (those enclosed in %) to give more factual information regarding the incident. You can access a wide range of variables relevant to the particular trigger being used by clicking the Add Variable button.

Click OK when done.

2-06-send-email-trigger-action-parameters

Your newly created Trigger Action should now be added to the list of Trigger Actions. Click OK.

2-07-send-email-trigger-action

Once you get back to your domain’s main screen, make sure you click the Apply button! Otherwise, those changes won’t take effect.

2-08-send-email-trigger-action

That’s it. If a user tries to download a file containing credit card numbers from this group folder, an email notification should be sent to the designated recipient. Here’s a sample email notification sent by this particular trigger to a Yahoo! Mail account.

email sent by trigger

Now that you know how to send an email notification to whoever should be notified regarding the DLP match, the next step would be to ensure that the file containing those MasterCard numbers is given a higher level of protection.

Next week in Part 3, I’ll show you how to configure JSCAPE MFT Server to automatically encrypt the file using PGP.

Get Started Now

Would you like to try an FTP server that allows you to add DLP rules? Try the free, fully-functional evaluation edition of JSCAPE MFT Server. It supports FTP, FTPS, SFTP, WebDAV, OFTP, AS2, HTTP, HTTPS, and other file transfer protocols.

Download JSCAPE MFT Server Trial

Easy To Deploy, Easy To Administer, Easy To Manage

Ready to see how JSCAPE makes managed file transfer so much simpler? Schedule your demo now.

Popular Articles

View more by

1–2 minutes

23/09/2025

JSCAPE by Redwood, version 2025.3: New UI continues to make a splash

Dive back into JSCAPE by Redwood with version 2025.3, bringing more modern UI updates to make using and navigating JSCAPE more intuitive.
Read article
1–2 minutes

19/08/2025

Weathering the economic storm: Expert support is your enterprise file transfer system’s lifeline

The global economic landscape can be described by one word: “uncertain”. Lingering effects from the 2020 pandemic, combined with new waves of international tariffs throughout 2025, have…
Read article
1–2 minutes

30/07/2025

Escape the grip: Why flexible MFT is key to enterprise agility

Break free from costly vendor lock-in Let’s be blunt: some MFT vendors have built product suites that are less about true partnership and more about proprietary siloing.…
Read article
1–2 minutes

23/07/2025

Avoid downtime and threat actors: Getting the best of both worlds in MFT

For enterprise organizations relying on managed file transfer (MFT) solutions, cybersecurity often feels like an arms race. The need to patch MFT software vulnerabilities to prevent breaches…
Read article

Related Content

Read more about

1–2 minutes

30/07/2025

Escape the grip: Why flexible MFT is key to enterprise agility

Break free from costly vendor lock-in Let’s be blunt: some MFT vendors have built product suites that are less about true partnership and more about proprietary siloing.…
Read article
1–2 minutes

03/07/2025

Consolidate, deploy and thrive: JSCAPE’s formula for MFT success in uncertain times

Global enterprises today are navigating a landscape marked by significant economic volatility. Fluctuating markets, shifting trade policies and persistent economic uncertainty are compelling enterprise organizations to reevaluate…
Read article
1–2 minutes

31/03/2025

SFTP vs. FTPS: Which file transfer software is best for business use?

What is SFTP? SFTP is a file transfer protocol that’s normally packaged with Secure Shell (SSH), the network protocol most IT administrators use to access and manage…
Read article
1–2 minutes

25/03/2025

EDI integration with trading partners: 6 best practices

Many large companies with high-volume transactions, especially those involved in e-commerce, manufacturing and retail supply chains, have long migrated from manual processes to Electronic Data Interchange (EDI).…
Read article