Arctera Insight Information Governance

Last Published:
Product(s): Veritas Alta Data Insight (1.0)
Platform: Windows
  1. About Arctera Insight Information Governance
    1.  
      About Arctera Insight Information Governance
  2. Dashboard
    1.  
      About Arctera Insight Information Governance Dashboard
    2.  
      Storage Utilization Trends
  3. Navigating through Arctera Insight Information Governance
    1.  
      Left Navigation Panel Overview
  4. Workspace
    1.  
      About Arctera Insight Information Governance Workspace
    2.  
      Data
    3.  
      Users
    4.  
      Groups
  5. Policy
    1.  
      About policy
    2.  
      Creating Policies
    3.  
      Managing Policies
  6. Installing Collector Node
    1.  
      About Collector node
    2.  
      Downloading and Installing Arctera Insight Information Governance Collector
  7. Collector
    1.  
      Collector
    2.  
      About servers
  8. Data Sources
    1.  
      Data Sources
    2. Filers
      1.  
        Adding filers
      2.  
        Viewing configured filers
      3.  
        Editing filer configuration
      4.  
        Managing filers
      5.  
        Monitored Shares
      6.  
        About disabled shares
    3. SharePoint Online
      1.  
        About SharePoint Online account monitoring
      2.  
        Registering Information Governance with Microsoft to enable SharePoint Online account monitoring
      3.  
        Configuring application without user impersonation for M365
      4.  
        Creating an application in the SharePoint Admin Center
      5.  
        Add SharePoint Online accounts
      6.  
        Managing Site Collections
      7.  
        Monitored Site Collections
    4. OneDrive
      1.  
        Configuring OneDrive account
      2.  
        Registering Information Governance with Microsoft to enable OneDrive account monitoring
      3.  
        Configuring application without user impersonation for M365
      4.  
        Add/Edit OneDrive account
      5.  
        Monitored Cloud Accounts
  9. Directory Services
    1.  
      About Active Directory Services
    2.  
      Registering Information Governance with Microsoft to scan Azure AD
    3.  
      Add/Edit Azure active directory service
  10. Health and Monitoring
    1.  
      Scan Status
  11. Classification
    1.  
      Requests
    2.  
      Configuration
    3.  
      Setting up Classification
  12. File Groups
    1.  
      About File group
    2.  
      Configuring File group
  13. Reports
    1.  
      About Reports
  14. Workflows
    1.  
      Workflows
    2.  
      Task
  15. Data Remediation
    1.  
      Delete Files Configuration
  16. Users and Access
    1.  
      Users and Roles
    2.  
      Credentials

About policy

Policies in Information Governance are a set of configurable rules and criteria used to automatically identify and categorize data, and to take appropriate actions based on organizational requirements. These policies play a key role in strengthening data governance, minimizing risks, and ensuring compliance with privacy, security, and regulatory standards.

Information Governance evaluates scanned items against a defined set of policies. The application includes six built-in policies that are enabled by default. If these built-in policies do not align with your use cases, you can create custom policies tailored to your specific data governance or classification requirements.

Information Governance categorizes policies into five distinct types, each serving a specific purpose in data analysis and classification:

  • Sensitive Data Identification - This policy allows the user to define sensitive tag's information. This

  • Data Owner Identification - Helps determine and assign ownership of data based on access patterns or metadata.

  • Tag-Based Policies - Uses existing tags to apply further classification or trigger actions on already tagged content.

  • Filegroup-Based Policies - Targets files based on their type, extension, or category (e.g., executables, media files).

  • User Data Accesses - Monitors and evaluates data based on user activity, highlighting unusual or risky access behavior.

There are six built-in policies in Information Governance. Their names and policy descriptions are as follows:

Policy Name

Descriptions

Credentials in freeform text

This policy is used to generate alerts for files that contain credentials in freeform text. After classification, Information Governance checks for the Authentication tag attached to the classified files and raises alerts for potential violations.

This is a singleton policy, meaning only one instance is created per tenant. The policy can be edited, but it cannot be deleted or disabled.

Data owner identification

This policy is used to identify the Data Owner of files based on audit information. The user with the highest number of write accesses is considered the file owner. If write access data is not available, the user with the highest number of total accesses is assigned as the owner.

The policy runs daily on a defined schedule and evaluates only those files that have recorded user access events. Server administrators can customize the policy by modifying the data scope, ownership criteria, or execution schedule to suit organizational needs.

Once the policy is executed, ownership is assigned to qualifying files. The identified data owner can be viewed in the Data Summary section on the Workspace > Data page.

This is a singleton policy, meaning only one instance is created per tenant. The policy can be edited, but it cannot be deleted or disabled.

Ransomware alerts

This policy is used to generate alerts for files whose extensions match those defined in the Ransomware file group. After scan data is ingested, Information Governance checks for files with these extensions and raises alerts by sending email notifications to the server administrator for any violations detected.

Server administrators can enable, disable, or delete this policy as needed. They also have the option to create a new policy of type Filegroup Based, copy the existing policy, or edit it to modify the data scope and specify a different file group to monitor.

Sensitive data identification

This policy is used to identify sensitive files across data sources. Server administrators can configure the policy by specifying a list of tags that are considered sensitive.

Once classification is completed, Information Governance checks the tags attached to the classified files. If any of the configured sensitive tags are found, the files are marked as sensitive.

This policy is automatically executed whenever a classification request is run.

User activity on sensitive data

This policy is used to generate alerts when users access sensitive files. After audit data ingestion, Information Governance evaluates access events to detect any user activity on files marked as sensitive. If such access is found, an email alert is sent to the server administrator indicating a sensitive data access violation.

Server administrators can enable, disable, or delete this policy. They can also create a copy of the existing policy or edit it to adjust the data scope, specify which users to monitor, and define the types of accesses to track.

External users data activity

The External User Data Activity policy is a default policy automatically created by Information Governance for each tenant. This policy is triggered when any unknown or external user - defined as a user not part of any added domain - performs any action on files. An email notification is sent to all server administrators detailing the access events.

Server administrators can enable, disable, or delete this policy. They also have the option to create a new policy of type User Data Accesses, duplicate the existing policy, or edit the policy to modify the data scope, specify users to monitor, and define the access types to track.

On the Policy page, you can create a new policy, enable or disable a policy, search the list by name or policy type, refresh the view, or toggle the list using the switch. You can also click the action menu (three dots) next to each policy to perform actions such as Edit, Copy, or Delete. To sort the policies by name, status, or type, click the corresponding column header to arrange them in ascending or descending order.