Veritas Data Insight User's Guide
- Section I. Introduction
- Section II. Data Insight Workspace
- Navigating the Workspace tab
- Analyzing data using the Workspace views
- Viewing access information for files and folders
- Viewing user activity on files or folders
- About visualizing collaboration on a share
- Viewing access information for users and user groups
- Section III. Data Insight reports
- Using Data Insight reports
- About Data Insight security reports
- Permissions reports
- Permissions Search report
- Creating a Permissions Query Template
- Permissions Query Template actions
- Ownership Reports
- About Data Insight storage reports
- About Data Insight custom reports
- Managing reports
- Viewing reports
- Using Data Insight reports
- Section IV. Remediation
- Configuring remediation workflows
- Managing workflow templates
- Creating a workflow using a template
- Managing workflows
- Using the Self-Service Portal
- About the Self-Service Portal
- Managing data
- About managing data using Enterprise Vault and custom scripts
- About adding tags to files, folders, and shares
- Managing permissions
- Configuring remediation workflows
- Appendix A. Command Line Reference
About Entitlement Review
The Data Insight Administrator, can configure and initiate an entitlement review workflow from the Management Console. Once the Entitlement Review workflow is triggered, Data Insight will send an email to the data custodian to review the permissions.
Entitlement Review workflow helps a data custodian to review the access permissions on the resources the custodian owns. It also provides insight into whether a user is the creator owner on a path with Full control permissions. The custodian can make recommendations to deny or allow access to a user or group on a path.
The custodian can recommend remediation actions, in the following cases:
If the user or group is inactive on the path for the selected time period .
If the custodian wants to restrict access to a user who does not have any business reason to have access on a path.
The custodian must submit the recommendations from the Self-Service Portal. Based on the custodian's recommendations, the Data Insight administrator can take the following actions:
Revoke the user's explicit permissions on the path.
Remove the user from the group of which she is the direct member.
In case of user with creator owner on a path, remove the user as the current owner in the Windows' Advanced Security settings.
However, Data Insight does not provide recommendations to modify well-known groups such as Everyone or Administrators.