3.13 Data Leak Prevention

The Data Leak Prevention feature allows you to have control over important organizational documents and helps you adhere to data protection policies while still providing remote access to external partners and users working remotely.

NOTE:This feature is available only under the Advanced Edition license.

3.13.1 Policies

Data leak prevention is managed with a policy-based prevention mechanism. When a policy is applied to a file, the file will adhere to the configuration set in the policy. The policy is assigned with a set of restrictions to be honored.

Path: Port 8443 Filr Admin ConsoleManagement > Data Leak Prevention > Policies.

A default policy called “Confidential” is available under the Policies tab. By default, the policy is in Activated status. The policy will have a color mapped to it.

Modifying a Policy

The Modify option allows you to edit the title of the policy and change the color mapped with the policy.

To modify the policy, perform the following:

  1. Go to

    Path: Port 8443 Filr Admin Console Management > Data Leak Prevention > Policies.

  2. Choose Modify from the Options menu of the policy.

  3. Perform the following in the Modify Policy dialog box.

Table 3-12 Modify Policy

Field, Option, or Button

Information and/or Action

  • Title

  • Edit the name of the policy.

  • Color

  • Click this drop-down menu to choose a color.

  • Modify

  • Click this to save the changes.

  • Cancel

  • Click this to discard any changes made and close the Modify Policy dialog box.

Managing Policy

A policy will have a set of file operation restrictions. These file operations are restricted on the files to which the policy is applied.

A system-generated policy called ‘Confidential’ is available and the ‘Share Externally’ file operation restriction is mapped to this policy. When this policy is applied to a file, sharing the file with any external user is restricted (Share with external users, Share public, and Share with file links).

Path: Port 8443 Filr Admin ConsoleManagement > Data Leak Prevention > Policies.

Currently you are not allowed to edit the policy configuration. You can view the file operation restriction configured to a policy.

3.13.2 Managing Workspace

Manage Workspace tab lists all the net folders of your organization. You can enable DLP for any netfolders listed here.

You are allowed to select a DLP policy and apply it to a workspace for which DLP is enabled.

All the built-in administrators are the default moderators. The Moderators section allows you to select users who have access to the workspace and make them moderators. If the DLP is enabled for a workspace and the policy is not applied at the netfolder level, then a moderator will have the policy management privileges and can apply policy to the required files in the workspace. The moderators can apply policy to files and manage them in the workspace.

To enable DLP for a workspace, perform the following:

  1. Go to

    Path: Port 8443 Filr Admin Console Management > Data Leak Prevention > Manage Workspace

  2. Perform the following steps to enable DLP for the workspace:

    Table 3-13 Managing workspace

    Field, Option, or Button

    Information and/or Action

    Workspace

     

    • Workspace

    • Search and select the workspace (netfolder) from this drop-down menu. You can click the close button to clear the selection made.

    • Enable DLP for this workspace

    • Turn on this toggle to enable the DLP feature for the workspace.

    • Policy

    • Select the policy from this drop-down menu. You can click the close button to clear the selection made.

    Moderators

     

    • Enable workspace Moderators

    • Turn on this toggle to enable the Add or Remove Moderators button.

    • Add or Remove Moderators

    • Click this button to add users as moderators. The Add or Remove Moderators dialog box is displayed.

    • Enter the usernames to be added as moderators for the workspace. Type the first three alphabets of a username based on the data entered, the system will search and lists the users having access to the workspace.

    • A workspace can have only ten moderators.

    • Save

    • Click this to add the selected users as moderators. You can click the close button to remove the user from this section.

    Existing Moderators

    • The names added will appear under the Existing Moderators section.

    • You can click the close button to remove the user and groups from this section.

    • Save

    • Click this to save the changes made under the Manage Workspace tab.

    • Discard

    • Click this to discard the changes made.

NOTE:

  • When the DLP is enabled and the policy is applied to a workspace, the policy is applied to all the files in the workspace. An administrator or a moderator is not allowed to remove the policy for a file.

  • When the DLP is enabled and a policy is not applied to a workspace, then an administrator or a moderator can apply policy to files in the workspace.

For more information, see Micro Focus Filr - Frequently Asked Questions (FAQ).