Teramind's OCR (Optical Character Recognition) rules help you detect sensitive text on screen - even text embedded within images, videos, or otherwise un-parseable applications.

The example below demonstrates how you can use an OCR rule with advanced detection features like Regular Expressions to detect dynamic content and patterns such as credit card numbers.

1. Assign a Rule Name. For example, “Block dangerous ports”.

2. Select a Parent Policy. For example, “Admin Policy”.

3. Select “Activity” for Rule Type.

4. Select “OCR” under Select the type of activities.

5. Turn on the Inherit targets from Parent Policy option to use the policy’s default targets.

6. Alternatively, turn it off and manually select the employees, departments and/or computers for the rules target from the Assign to field.

7. Optionally, you can exclude targets in the Exclude from rule field.

8. A default condition block, "Condition 1," should already be added to the rule. If it's missing, click the New Condition button, then add the On-screen text criterion. Configure the condition as follows:

9. In the On-screen text field, enter:

Then, select the Matches regex condition.

10. Select the Notify action.

11. Select users you want to notify when the rule is violated.

This rule uses Teramind's patented OCR engine to scan the entire screen for sensitive data, which is crucial for capturing information in images, RDP sessions, or un-parsable apps where detecting content might be difficult using other methods.

Its effectiveness relies on using a Matches regex condition which defines the exact pattern of sensitive data to detect 16-digit credit card numbers in several formats, such as: "1234567890123456", "1234-5678-9012-3456", " or "1234 5678 9012 3456".

The Notify action ensures the administrator receives an email notification when the pattern appears on a user's screen.