Supported File and Form Types

The Data Loss Prevention policy can monitor or block the data being uploaded to the web. The policy discovers and protects the sensitive data contained in your cloud-sanctioned applications. The DLP scans the plain text of files up to 50 MB. DLP scans archives as well as files containing embedded files; for these, DLP can extract and scan content for up to 100 files nested up to 10 levels deep. Secure Access scans all files uploaded through the Secure Access SWG proxy that match the Real Time rules’ criteria, as well as the files stored in the Secure Access authorized cloud tenants and performs a deeper analysis for the following mime types:

Mime TypeFile Type
application/mswordWord .doc, .docx
application/ .xlsx
application/ .ppt
application/vnd.oasis.opendocument.presentationOpenDocument Presentation .odp
application/vnd.oasis.opendocument.spreadsheetOpenDocument Sheet .ods
application/vnd.oasis.opendocument.textOpenDocument Word .oth
application/vnd.openxmlformats-officedocument.presentationml.presentationPowerPoint .pptx
application/vnd.openxmlformats-officedocument.spreadsheetml.sheetExcel .xlsx
text/plainPlain text .txt

The Real Time DLP rules can scan the content of all applicable web requests of the following form types:

  • JSON
  • XML
  • URL encoded
  • Multipart form



Optical Character Recognition (OCR) supports scanning and extracting data from images in jpeg, jpg, gif, png, and tiff formats; and images embedded in various files, such as Excel spreadsheets, PowerPoint presentations, Word documents, PDFs and ZIP files. Secure Access supports scanning images with a minimum resolution of 300 dpi and a minimum font size of 10 points. The text extracted from these files is scanned for violations.

Currently only the English language is supported

Enable or Disable a Data Loss Prevention Rule < Supported File and Form Types >Best Practices for the Data Loss Protection Policy