Veritas Data Insight User's Guide
- Section I. Introduction
- Section II. Data Insight Workspace
- Navigating the Workspace tab
- Analyzing data using the Workspace views
- Viewing access information for files and folders
- Viewing user activity on files or folders
- About visualizing collaboration on a share
- Viewing access information for users and user groups
- Section III. Data Insight reports
- Using Data Insight reports
- About Data Insight security reports
- Permissions reports
- Permissions Search report
- Creating a Permissions Query Template
- Permissions Query Template actions
- Ownership Reports
- About Data Insight storage reports
- About Data Insight custom reports
- Managing reports
- Viewing reports
- Using Data Insight reports
- Section IV. Remediation
- Configuring remediation workflows
- Managing workflow templates
- Creating a workflow using a template
- Managing workflows
- Using the Self-Service Portal
- About the Self-Service Portal
- Managing data
- About managing data using Enterprise Vault and custom scripts
- About adding tags to files, folders, and shares
- Managing permissions
- Configuring remediation workflows
- Appendix A. Command Line Reference
About recommending permission changes
Data Insight allows you to leverage the activity data provided by the audit logs and information about permissions on a path to make recommendations for permission changes. Data Insight enables you to manage permissions on file servers and SharePoint sites to ensure security and compliance with best practices and company policies.
The permission change recommendations help you evaluate the integrity of the assigned permissions. You can monitor the permissions of inactive users to eliminate access risk and lock down open access, and implement recommendations by modifying security groups.
Note:
The permission remediation action from the
tab can only be taken by a user with the Server Administrator role. The options to remove users or groups or to revoke permissions using reports are only visible to users with the Server Administrator role and Report Administrators who are allowed to remediate data and permissions.You can orchestrate permission changes in the following ways:
Recommend that the permissions of inactive users on shares and folders be revoked.
The permission recommendations are calculated after considering the effective permissions for a user or a path, which include share-level permissions.
See About recommending permissions changes for inactive users.
See Reviewing permission recommendations .
See Analyzing permission recommendations and applying changes.
Use the Permissions Search report to remediate permissions.
For more information about the Permissions Search report, see the Veritas Data Insight User's Guide.
Remove direct member users or groups from a group on the Workspace.
tab of theRevoke permissions of specific trustees directly from theWorkspace.
tab of theRemove permissions from the Workflows > Audit page on paths that are part of an Entitlement Review workflow.
See Removing permissions for Entitlement Review workflow paths.
You can configure the settings required to implement the permissions recommendations.
Note:
Data Insight does not fetch permissions for the Microsoft OneDrive, SharePoint Online, and Documentum data sources. Hence, you cannot configure permission recommendations for these data sources.