Arctera Insight Information Governance User's Guide

Last Published:
Product(s): Data Insight (7.2)
Platform: Windows
  1. Section I. Introduction
    1. Introducing Arctera Insight Information Governance
      1.  
        About Arctera Insight Information Governance
      2.  
        About data custodian
      3.  
        About permissions
      4.  
        About SharePoint permissions
      5.  
        About Box permissions
      6.  
        About audit logs
      7.  
        About migrated domains
      8.  
        Applications for Data Loss Prevention
      9.  
        Content classification using Arctera Information Classifier
    2. Using the Arctera Insight Information Governance Management Console
      1. About the Arctera Insight Information Governance Management Console
        1.  
          Header
        2.  
          Tabs
        3.  
          Navigation pane
        4.  
          Content pane
      2.  
        Operation icons on the Management Console
      3.  
        Logging in to the Information Governance Management Console
      4.  
        Logging out of the Information Governance Management Console
      5.  
        Accessing online Help
  2. Section II. Information Governance Workspace
    1. Navigating the Workspace tab
      1.  
        About the Information Governance Workspace
      2.  
        Using the Workspace filters
      3.  
        Managing the Workspace
      4.  
        Searching the storage device hierarchy
      5.  
        Searching for users and user groups
    2. Analyzing data using the Workspace views
      1.  
        About information risk
      2.  
        Viewing summary of data sources
      3. Viewing shares summary
        1.  
          About control points
      4.  
        About the risk score for users
      5. About the Risk Dossier
        1.  
          Assessing risky users - an example scenario
      6.  
        Viewing user summary
      7.  
        Viewing details of Watchlist users
      8.  
        Viewing details of alert notifications
    3. Viewing access information for files and folders
      1.  
        About viewing file or folder summary
      2.  
        Viewing the overview of a data source
      3.  
        Viewing the overview of a filer or Web application
      4.  
        Managing data custodian for paths
      5.  
        Viewing active users of a file or folder
      6.  
        Viewing inactive users
      7.  
        Viewing folder activity by time
      8.  
        Viewing activity on sub-folders and files
      9.  
        Viewing inactive sub-folders
      10.  
        Viewing user activity by time
      11.  
        Viewing user activity by folders
      12. Viewing user activity on files or folders
        1.  
          Assigning an inferred data owner as custodian
        2.  
          Assigning an active user as custodian
        3.  
          Assigning a custodian from the Permissions tab
      13.  
        Viewing file and folder activity
      14.  
        Viewing CIFS permissions on folders
      15.  
        Viewing NFS permissions on folders
      16.  
        Viewing SharePoint permissions for folders
      17.  
        Viewing OneDrive permissions for folders
      18.  
        Viewing Box permissions on folders
      19.  
        Viewing audit logs for files and folders
      20. About visualizing collaboration on a share
        1.  
          Analyzing activity on collaborative shares
    4. Viewing access information for users and user groups
      1.  
        Viewing the overview of a user
      2.  
        Viewing the overview of a group
      3.  
        Managing custodian assignments for users
      4.  
        Viewing folder activity by users
      5.  
        Viewing CIFS permissions for users
      6.  
        Viewing CIFS permissions for user groups
      7.  
        Viewing NFS permissions for users and user groups
      8.  
        Viewing SharePoint permissions for users and user groups
      9.  
        Viewing Box permissions for users and user groups
      10.  
        Viewing audit logs for users
  3. Section III. Information Governance reports
    1. Using Information Governance reports
      1.  
        About Information Governance reports
      2.  
        How Information Governance reporting works
      3.  
        Creating a report
      4. About Information Governance security reports
        1. Activity Details report
          1.  
            Create or Edit Activity Details for Paths report
          2.  
            Create or edit Activity Details for Users and Groups report
        2. Permissions reports
          1. Inactive Users
            1.  
              Create or edit Inactive Users report
          2. Path Permissions
            1.  
              Create or edit Path Permissions report
          3. Permissions Search report
            1.  
              Create Permissions Search report
          4.  
            About Permissions Query templates
          5. Creating a Permissions Query Template
            1.  
              Using the match-type criteria
          6.  
            Creating custom rules
          7. Permissions Query Template actions
            1.  
              Editing or deleting a Permissions Query Template
            2.  
              Copying a Permissions Query Template
            3.  
              About sharing a Permissions Query Template
          8.  
            Using Permissions Search report output to remediate permissions
          9. Entitlement Review
            1.  
              Create or edit Entitlement Review report
          10. User/Group Permissions
            1.  
              Create or edit User/Group Permissions
          11. Group Change Impact Analysis
            1.  
              Create or edit Group Change Impact Analysis report
        3. Ownership Reports
          1. Data Custodian Summary
            1.  
              Create or edit Data Custodian Summary report
          2. Inferred Owner
            1.  
              Create or edit Inferred Owner report
          3. Data Inventory Report
            1.  
              Create or edit Data Inventory report
      5.  
        Create/Edit security report options
      6. About Information Governance storage reports
        1. Activity Summary reports
          1.  
            Create or edit Activity Summary for Paths report
          2.  
            Create or edit Activity Summary for User/Groups report
        2. Capacity reports
          1. Filer Utilization
            1.  
              Create or edit Filer Utilization report
          2. Filer Growth Trend
            1.  
              Create or edit Filer Growth Trend report
        3. Data Lifecycle reports
          1. Inactive Data by File Group
            1.  
              Create or edit Inactive Data by File Group report
          2. Inactive Data by Owner
            1.  
              Create or edit Inactive Data by Owner report
          3. Data Aging
            1.  
              Create or edit Data Aging report
          4. Inactive Folders
            1.  
              Create or edit Inactive Folders report
        4. Consumption Reports
          1. Potential Duplicate Files
            1.  
              Create/Edit Potential Duplicate Files report
          2. Consumption by Folders
            1.  
              Create or edit Consumption by Folders report
          3. Consumption by Department
            1.  
              Create or edit Consumption by Department
          4. Consumption by File Group
            1.  
              Create/Edit Consumption by File Group
          5. Consumption by Owner
            1.  
              Create/Edit Consumption by Owner
          6. Consumption by File Group and Owner
            1.  
              Create/Edit Consumption by File Group and Owner
      7.  
        Create/Edit storage report options
      8. About Information Governance custom reports
        1.  
          About DQL query templates
        2.  
          Creating custom templates for DQL queries
        3.  
          Create/Edit DQL report options
        4. Creating DQL reports with custom variables
          1.  
            Running a DQL report with custom variables
      9.  
        Considerations for importing paths using a CSV file
    2. Managing reports
      1.  
        About managing Information Governance reports
      2. Viewing reports
        1.  
          About stale information in reports
      3.  
        Filtering a report
      4.  
        Editing a report
      5.  
        About sharing reports
      6.  
        Copying a report
      7.  
        Running a report
      8.  
        Viewing the progress of a report
      9.  
        Customizing a report output
      10.  
        Configuring a report to generate a truncated output
      11.  
        Sending a report by email
      12.  
        How does number of records field work differently from the truncate output records field?
      13.  
        Automatically archiving reports
      14.  
        Canceling a report run
      15.  
        Deleting a report
      16.  
        Considerations for viewing reports
      17.  
        Organizing reports using labels
  4. Section IV. Remediation
    1. Configuring remediation workflows
      1.  
        About remediation workflows
      2.  
        Prerequisites for configuring remediation workflows
      3.  
        Configuring Self-Service Portal settings
      4.  
        About workflow templates
      5. Managing workflow templates
        1.  
          Create/Edit Entitlement Review workflow template
        2.  
          Create/Edit DLP Incident Remediation workflow template
        3.  
          Create/Edit Ownership Confirmation workflow template
        4.  
          Create/Edit Records Classification workflow template
      6. Creating a workflow using a template
        1. Create Entitlement Review workflow options
          1.  
            Customizing Entitlement Review report output
        2.  
          Create DLP Incident Remediation workflow options
        3.  
          Create Ownership Confirmation workflow options
        4.  
          Create Records Classification workflow options
      7. Managing workflows
        1.  
          Viewing details of submitted workflows
        2.  
          Extending the deadline of a workflow
        3.  
          Copying a workflow
        4.  
          Managing submitted workflows
        5.  
          Canceling or deleting a workflow
      8.  
        Auditing workflow paths
      9.  
        Monitoring the progress of a workflow
      10.  
        Remediating workflow paths
    2. Using the Self-Service Portal
      1. About the Self-Service Portal
        1.  
          About Entitlement Review
      2.  
        Logging in to the Self-Service Portal
      3.  
        Using the Self-Service Portal to review user entitlements
      4.  
        Using the Self-Service Portal to manage Data Loss Prevention (DLP) incidents
      5.  
        Using the Self-Service Portal to confirm ownership of resources
      6.  
        Using the Self-Service Portal to classify sensitive data
    3. Managing data
      1. About managing data using Arctera Enterprise Vault and custom scripts
        1.  
          About Retention categories
        2.  
          About post-processing actions
      2.  
        Managing data from the Shares list view
      3.  
        Managing inactive data from the Folder Activity tab
      4.  
        Managing inactive data by using a report
      5.  
        Archiving workflow paths using Arctera Enterprise Vault
      6.  
        Using custom scripts to manage data
      7.  
        Pushing classification tags while archiving files into Arctera Enterprise Vault
      8.  
        About adding tags to devices, files, folders, and shares
    4. Managing permissions
      1.  
        About permission visibility
      2.  
        About recommending permission changes
      3. About recommending permissions changes for inactive users
        1.  
          Reviewing permission recommendations
        2.  
          Analyzing permission recommendations and applying changes
      4.  
        Making permission changes directly from Workspace
      5.  
        Removing permissions for Entitlement Review workflow paths
  5. Appendix A. Command Line Reference
    1.  
      mxcustodian
  6.  
    Index

About remediation workflows

In large storage environments, it can become difficult to assign the responsibility of remediating data resources to data owners and custodians. Security and storage administrators have to manually inform data owners about issues with the resources that they own. Also, it can be tedious to track remediation actions on such resources.

Remediation workflows provide an easy way to fan out remediation tasks among configured custodians and data owners. The custodians are responsible for the data resources and can take a decision about the best way to remediate them. To understand how custodians are assigned in Information Governance, refer to the Arctera Insight Information Governance User's Guide.

You can use workflows to define a process to distribute remediation tasks to custodians. You can create the following workflows for different remediation tasks:

  • Entitlement Review

    Review the user permissions on the folders that the custodians are responsible for and attest the permissions or suggest changes. The entitlement information for this workflow is generated by the Entitlement Review report.

    You can send the change request to a ticketing system or Identity and Access Management (IAM) tool, or use custom scripts to remediate the permissions.

  • Data Loss Prevention (DLP) Incident Remediation

    View policy violations and take action on the files that violate policies. The policy information is pulled into Information Governance from Data Loss Prevention (DLP). The actions are Smart Response rules defined by DLP administrators. DLP uses the Smart Response rules to remediate the resources that violate configured DLP policies.

    Information Governance uses two DLP Web services for incident remediation - the Response Rules Listing Service and the Response Rule Execution Service. The Response Rule Listing Service provides a list of available response rules in DLP, such as delete or quarantine, for a given incident. The Response Rule Execution Service takes the response rule requests submitted by users from the Self-Service Portal and executes them in DLP. By default, the Response Rule Execution Service is disabled. You must enable the service to allow the portal users to remediate incidents.

    Note:

    Information Governance does not let you create an incident remediation workflow for sensitive paths that are imported into Information Governance using a CSV file. This is because the workflow requires data from DLP, such as Smart Response rules and incident IDs and severity information for paths that violate a policy.

    For more information about DLP incidents, see the Data Loss Prevention Administrator's Guide.

  • Ownership Confirmation

    Confirm the ownership of files and folders in your storage environment.

  • Records Classification

    Classify the sensitive files that must be retained for a legally mandated period. The workflow helps you classify files based on their business value and manage the life cycle of sensitive documents by applying data management rules to the classified data.

    You can choose to archive the files that are marked as record and apply retention categories that define how long the files must be stored before being deleted. The files that are marked as record are retained based on the file classification policies that they violate.

    You can use the workflow to trigger automatic actions only if your organization uses Arctera Enterprise Vault™ to archive data and if Arctera Enterprise Vault is configured in Information Governance.

Depending on the type of workflow, the custodian may perform the following actions:

Workflow

Action

Entitlement Review

Review the user permissions on folders that the custodian owns and automatically trigger a permission remediation workflow to execute the changes.

To trigger a permission remediation action, you must first configure the permission remediation settings.

For information about configuring permission remediation settings, see the Arctera Insight Information Governance Administrator's Guide.

DLP Incident Remediation

Choose the configured remediation actions, and submit the same for execution by the DLP Enforce Server.

Ownership Confirmation

Confirm the ownership of resources. Once the custodians confirm or deny the ownership, and the workflow is complete, the status summary is displayed in the Information Governance Management Console. A Information Governance administrator may review the status and take further actions based on it.

Records Classification

Mark a file as Record or No record.

When the custodians submit their response and a file marked as Record, Information Governance automatically sends a request to Arctera Enterprise Vault™ to archive the document. and apply configured post-processing actions on the document if the following conditions are fulfilled:

  • Arctera Enterprise Vault is configured and if the option to use EV for archiving is selected when creating the workflow template.

  • Automatic response is enabled in the workflow.

Once you submit a workflow from the Information Governance console, the custodians receive an email notification with a link to the Self-Service Portal. They can log in to the portal, choose the necessary remediation actions, and submit the same for execution by the DLP Enforce Server, Arctera Enterprise Vault server, or the Information Governance Management Server, depending on the type of workflow.

Note:

If you do not have a valid portal license or if your base or portal license has expired, Information Governance disables the option to create workflows.

Figure: Workflow lifecycle

Workflow lifecycle

See About workflow templates.

See Monitoring the progress of a workflow.

More Information

Creating a workflow using a template

Managing workflows