Veritas Data Insight User's Guide

Last Published:
Product(s): Data Insight (6.1.2)
  1. Section I. Introduction
    1. Introducing Veritas Data Insight
      1.  
        About Veritas Data Insight
      2.  
        About data custodian
      3.  
        About permissions
      4.  
        About SharePoint permissions
      5.  
        About Box permissions
      6.  
        About audit logs
      7.  
        About migrated domains
      8.  
        Applications for Symantec Data Loss Prevention
      9.  
        Content classification using Veritas Information Classifier
    2. Using the Veritas Data Insight Management Console
      1. About the Veritas Data Insight Management Console
        1.  
          Header
        2.  
          Tabs
        3.  
          Navigation pane
        4.  
          Content pane
      2.  
        Operation icons on the Management Console
      3.  
        Logging in to the Data Insight Management Console
      4.  
        Logging out of the Data Insight Management Console
      5.  
        Accessing online Help
  2. Section II. Data Insight Workspace
    1. Navigating the Workspace tab
      1.  
        About the Data Insight Workspace
      2.  
        Using the Workspace filters
      3.  
        Managing the Workspace
      4.  
        Searching the storage device hierarchy
      5.  
        Searching for users and user groups
    2. Analyzing data using the Workspace views
      1.  
        About information risk
      2.  
        Viewing summary of data sources
      3. Viewing shares summary
        1.  
          About control points
      4.  
        About the risk score for users
      5. About the Risk Dossier
        1.  
          Assessing risky users - an example scenario
      6.  
        Viewing user summary
      7.  
        Viewing details of Watchlist users
      8.  
        Viewing details of alert notifications
    3. Viewing access information for files and folders
      1.  
        About viewing file or folder summary
      2.  
        Viewing the overview of a data source
      3.  
        Managing data custodian for paths
      4.  
        Viewing the summary of user activity on a file or folder
      5. Viewing user activity on files or folders
        1.  
          Assigning an inferred data owner as custodian
        2.  
          Assigning an active user as custodian
        3.  
          Assigning a custodian from the Permissions tab
      6.  
        Viewing file and folder activity
      7.  
        Viewing CIFS permissions on folders
      8.  
        Viewing NFS permissions on folders
      9.  
        Viewing SharePoint permissions for folders
      10.  
        Viewing Box permissions on folders
      11.  
        Viewing audit logs for files and folders
      12. About visualizing collaboration on a share
        1.  
          Analyzing activity on collaborative shares
    4. Viewing access information for users and user groups
      1.  
        Viewing the overview of a user
      2.  
        Viewing the overview of a group
      3.  
        Managing custodian assignments for users
      4.  
        Viewing folder activity by users
      5.  
        Viewing CIFS permissions for users
      6.  
        Viewing CIFS permissions for user groups
      7.  
        Viewing NFS permissions for users and user groups
      8.  
        Viewing SharePoint permissions for users and user groups
      9.  
        Viewing Box permissions for users and user groups
      10.  
        Viewing audit logs for users
  3. Section III. Data Insight reports
    1. Using Data Insight reports
      1.  
        About Data Insight reports
      2.  
        How Data Insight reporting works
      3.  
        Creating a report
      4. About Data Insight security reports
        1.  
          Activity Details report
        2. Permissions reports
          1.  
            Inactive Users
          2.  
            Path Permissions
          3. Permissions Search report
            1.  
              Create Permissions Search report
          4.  
            About Permissions Query templates
          5. Creating a Permissions Query Template
            1.  
              Using the match-type criteria
          6.  
            Creating custom rules
          7. Permissions Query Template actions
            1.  
              Editing or deleting a Permissions Query Template
            2.  
              Copying a Permissions Query Template
            3.  
              About sharing a Permissions Query Template
          8.  
            Using Permissions Search report output to remediate permissions
          9.  
            Entitlement Review
          10.  
            User/Group Permissions
          11.  
            Group Change Impact Analysis
        3. Ownership Reports
          1.  
            Data Custodian Summary
          2.  
            Inferred Owner
          3.  
            Data Inventory Report
      5.  
        Create/Edit security report options
      6.  
        Data Insight limitations for Box permissions
      7. About Data Insight storage reports
        1.  
          Activity Summary reports
        2. Capacity reports
          1.  
            Filer Utilization
          2.  
            Filer Growth Trend
        3. Data Lifecycle reports
          1.  
            Inactive Data by File Group
          2.  
            Inactive Data by Owner
          3.  
            Data Aging
          4.  
            Inactive Folders
        4. Consumption Reports
          1.  
            Potential Duplicate Files
          2.  
            Consumption by Folders
          3.  
            Consumption by Department
          4.  
            Consumption by File Group
          5.  
            Consumption by Owner
          6.  
            Consumption by File Group and Owner
      8.  
        Create/Edit storage report options
      9. About Data Insight custom reports
        1.  
          About DQL query templates
        2.  
          Creating custom templates for DQL queries
        3.  
          Create/Edit DQL report options
      10.  
        Considerations for importing paths using a CSV file
    2. Managing reports
      1.  
        About managing Data Insight reports
      2. Viewing reports
        1.  
          About stale information in reports
      3.  
        Filtering a report
      4.  
        Editing a report
      5.  
        About sharing reports
      6.  
        Copying a report
      7.  
        Running a report
      8.  
        Viewing the progress of a report
      9.  
        Customizing a report output
      10.  
        Configuring a report to generate a truncated output
      11.  
        Sending a report by email
      12.  
        Automatically archiving reports
      13.  
        Canceling a report run
      14.  
        Deleting a report
      15.  
        Considerations for viewing reports
      16.  
        Organizing reports using labels
  4. Section IV. Remediation
    1. Configuring remediation workflows
      1.  
        About remediation workflows
      2.  
        Prerequisites for configuring remediation workflows
      3.  
        Configuring Self-Service Portal settings
      4.  
        About workflow templates
      5. Managing workflow templates
        1.  
          Create/Edit Entitlement Review workflow template
        2.  
          Create/Edit DLP Incident Remediation workflow template
        3.  
          Create/Edit Ownership Confirmation workflow template
        4.  
          Create/Edit Records Classification workflow template
      6. Creating a workflow using a template
        1. Create Entitlement Review workflow options
          1.  
            Customizing Entitlement Review report output
        2.  
          Create DLP Incident Remediation workflow options
        3.  
          Create Ownership Confirmation workflow options
        4.  
          Create Records Classification workflow options
      7. Managing workflows
        1.  
          Viewing details of submitted workflows
        2.  
          Extending the deadline of a workflow
        3.  
          Copying a workflow
        4.  
          Managing submitted workflows
        5.  
          Canceling or deleting a workflow
      8.  
        Auditing workflow paths
      9.  
        Monitoring the progress of a workflow
      10.  
        Remediating workflow paths
    2. Using the Self-Service Portal
      1. About the Self-Service Portal
        1.  
          About Entitlement Review
      2.  
        Logging in to the Self-Service Portal
      3.  
        Using the Self-Service Portal to review user entitlements
      4.  
        Using the Self-Service Portal to manage Data Loss Prevention (DLP) incidents
      5.  
        Using the Self-Service Portal to confirm ownership of resources
      6.  
        Using the Self-Service Portal to classify sensitive data
    3. Managing data
      1. About managing data using Enterprise Vault and custom scripts
        1.  
          About Retention categories
        2.  
          About post-processing actions
      2.  
        Managing data from the Shares list view
      3.  
        Managing inactive data from the Folder Activity tab
      4.  
        Managing inactive data by using a report
      5.  
        Archiving workflow paths using Enterprise Vault
      6.  
        Using custom scripts to manage data
      7.  
        Pushing classification tags while archiving files into Enterprise Vault
      8. About adding tags to files, folders, and shares
        1.  
          Using the metadata framework for classification and remediation
    4. Managing permissions
      1.  
        About permission visibility
      2.  
        About recommending permission changes
      3. About recommending permissions changes for inactive users
        1.  
          Reviewing permission recommendations
        2.  
          Analyzing permission recommendations and applying changes
      4.  
        Making permission changes directly from Workspace
      5.  
        Removing permissions for Entitlement Review workflow paths
  5. Appendix A. Command Line Reference
    1.  
      mxcustodian

Using the Self-Service Portal to review user entitlements

You can use the Self-Service Portal to review user access permissions to the paths that are assigned to you. On the Entitlement Review page of the portal, you can perform the following tasks:

  • View a snapshot of the users whose permissions are assigned for your review.

  • Review if the user has the creator owner permissions on a path.

    If the option to display the creator owner is selected in the workflow template, the Creator Owner column is displayed on the Portal UI with value as 'Yes' against user who is creator owner.

    Note that if the Creator Owner is a group, no value is displayed in the Creator Owner column.

  • Filter the users to be reviewed based on their activity profiles and the assigned paths. For example, you might be interested to first review the entitlements for the users who are inactive.

  • Make recommendation to grant or revoke user permissions on the specified paths.

  • Decline the review request or delegate the review work to another user.

To review user entitlements

  1. Use the Resources drop-down to select the path for which you want to review the user permissions. From the drop-down list click the path for which you want to review user entitlements. All the review requests for the selected path are displayed on the panel.
  2. Use the Users by activity filter to sort the users based on their activity profiles.

    You can further filter the users by selecting the group they belong to or by using their directory service attribute.

  3. Do any of the following:

    • To review the permissions of individual users, click Yes to grant access to the path, and click No to revoke the user's access on the path

    • To review the permissions for multiple users, select the users based on the action you want to take. For example, select the users whose permissions you want to revoke on the selected path.

      Click either Allow access or Revoke access to grant or to decline the permissions to the selected group of users.

To decline or delegate entitlement review requests

  1. Click the down-pointing arrow for the path filter. From the drop-down list select the paths using the check boxes.
  2. Do any of the following:

    • Click Decline to reject the request to review permissions on the selected path.

    • Click Delegate to delegate the entitlement review task to another user.

After you submit the review request from the portal, the details are sent to the Data Insight Management Server. The Data Insight administrator can view the paths for which custodians have suggested changes to the permissions, and can perform the relevant changes. Alternatively, Data Insight can automatically trigger a permission remediation action to distribute the actions to the proper authorities such as, directory server administrators.

To automatically initiate a permission remediation action, you must first configure the permission remediation settings. For more information, refer to Veritas Data Insight Administrator's Guide.

More Information

Logging in to the Self-Service Portal