An organization wants to upload internal PII (personally identifiable information) into the Zscaler cloud for blocking without fear of compromise. Which of the following technologies can be used to help with this?
Zscaler’s advanced data protection stack includes Exact Data Match (EDM), Indexed Document Match (IDM), dictionaries, and predefined DLP engines. Zscaler describes EDM as a technique that “fingerprints” sensitive values—such as PII from structured data sources (databases or spreadsheets)—so the platform can detect and block exact matches to those values while greatly reducing false positives.
With EDM, an on-premises index tool hashes the sensitive fields (for example, names, IDs, or other PII) and then uploads only these hashes—not the readable PII itself—into the Zscaler cloud. Zscaler documentation emphasizes that only hashed fingerprints are sent, allowing organizations to protect internal data “without having to transfer that data to the cloud” in plain form. This directly addresses the requirement to block exfiltration of internal PII without fear of compromise.
Dictionaries and core DLP engines focus on pattern- or keyword-based detection (such as generic PII patterns) rather than matching exact records from an internal dataset. IDM, on the other hand, fingerprints whole documents or forms (for example, templates or high-value documents) rather than row-level PII records. Therefore, for uploading organization-specific PII in a privacy-preserving, hashed form to enable precise blocking, EDM is the correct technology.
===========
Top of Form
Bottom of Form
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit