compliance guardian online user guideavepointcdn.azureedge.net/pdfs/en/user_guides/compliance... ·...

User Guide

Compliance Guardian Online 2

Cumulative Update 2

Issued January 2017

2

Compliance Guardian Online User Guide

Table of Contents

What is New in this Guide ...................................................................................................................6

About Compliance Guardian Online .....................................................................................................7

Submitting Documentation Feedback to AvePoint ................................................................................8

Integration with AvePoint Online Services ............................................................................................9

AvePoint Online Services Versions - Commercial and US Government Public Sector .......................... 10

Navigating Compliance Guardian Online ............................................................................................ 11

Compliance Guardian Online Guidance........................................................................................... 12

How to Use Your Keyboard in Compliance Guardian Online ............................................................. 12

Accessing the Compliance Guardian Online .................................................................................... 12

Scanner Manager ............................................................................................................................. 13

Launching Scanner Manager .......................................................................................................... 13

Overview ...................................................................................................................................... 13

Selecting Mode to Create a Plan or Rule ..................................................................................... 14

Scheduled Scanner ........................................................................................................................ 14

Configuring a Scheduled Scanner for SharePoint Online Plan ....................................................... 14

Configuring a Scheduled Scanner for Website Plan ...................................................................... 38

Configuring a Scheduled Scanner for Yammer Plan ...................................................................... 41

Real-Time Scanner ........................................................................................................................ 49

Creating Real-Time Scanner Rules for SharePoint Online.............................................................. 49

Creating Real-Time Scanner Rules for Yammer ............................................................................ 52

Incident Management Center............................................................................................................ 57

Launching Modules in Incident Management Center ....................................................................... 57

Managing My Tasks ....................................................................................................................... 57

Resolving Incidents .................................................................................................................... 58

Dismissing Incidents .................................................................................................................. 64

Escalating Incidents ................................................................................................................... 65

Exporting to Datasheet .............................................................................................................. 65

Viewing and Managing All Scan Records ......................................................................................... 65

3


Managing Files Under the Test Suite Tab .................................................................................... 66

Managing Files Under the Actions Taken Tab .............................................................................. 66

Viewing Information .................................................................................................................. 66

Disposing Files........................................................................................................................... 69

Using Incident Manager................................................................................................................. 76

Viewing Reports in Report Center .................................................................................................. 76

Viewing Scan Reports in Dashboard............................................................................................ 76

Viewing Heatmap ...................................................................................................................... 79

Viewing Trend Report ................................................................................................................ 80

Using Access Policy........................................................................................................................ 80

Managing Access Policy ............................................................................................................. 80

Creating and Editing Access Policies............................................................................................ 81

Managing Scope Mapping Profiles.............................................................................................. 81

Creating and Editing Scope Mapping Profiles .............................................................................. 82

Viewing and Managing Feedback ................................................................................................... 85

Export Requests ............................................................................................................................ 86

Control Panel ................................................................................................................................... 87

Getting Started ............................................................................................................................. 87

Launching Control Panel ................................................................................................................ 87

System Configuration .................................................................................................................... 87

General Settings ........................................................................................................................ 87

Job Pruning ............................................................................................................................... 88

Job Performance Alert ............................................................................................................... 91

Auditing........................................................................................................................................ 92

Configuring Pruning Settings ...................................................................................................... 92

Exporting Auditor Data Report ................................................................................................... 93

License Manager ........................................................................................................................... 93

Account ........................................................................................................................................ 95

Managing Users ........................................................................................................................ 96

Managing Groups ...................................................................................................................... 97

Permission Level........................................................................................................................ 98

4


General Security............................................................................................................................ 99

Managed Service Accounts ........................................................................................................ 99

Security Profile ........................................................................................................................ 100

Common Settings ........................................................................................................................ 101

Background Information on Test Suite and Check...................................................................... 101

Test Suite Manager.................................................................................................................. 102

Check Manager ....................................................................................................................... 108

Filter Policy ............................................................................................................................. 146

Notification Settings .................................................................................................................... 148

E-mail Templates..................................................................................................................... 148

E-mail Recipient Profile............................................................................................................ 149

Subscription ............................................................................................................................ 150

Deployment ................................................................................................................................ 152

Scan Record Settings ............................................................................................................... 152

Connection Manager ............................................................................................................... 152

Allowed Location..................................................................................................................... 154

Website Scanner Profiles ............................................................................................................. 156

Configuring Authentication Profile............................................................................................ 156

Configuring User Agent Profile ................................................................................................. 157

Job Monitor ................................................................................................................................... 159

Getting Started ........................................................................................................................... 159

Launching Job Monitor ................................................................................................................ 159

Understanding Job Monitor ......................................................................................................... 159

Job Monitor Interface .............................................................................................................. 159

Job Monitor vs Scheduled Job Monitor ..................................................................................... 160

Configuring the Viewing Pane ...................................................................................................... 160

The View Toolbar .................................................................................................................... 160

The Filter Toolbar .................................................................................................................... 161

Searching Jobs ............................................................................................................................ 161

Managing Jobs ............................................................................................................................ 161

Operations in the Job Monitor Tab ........................................................................................... 162

5


Operations in the Scheduled Job Monitor Tab ........................................................................... 164

Appendix A - Using Transaction Capture........................................................................................... 165

System Requirements for Using Compliance Guardian Online Transaction Capture ......................... 165

Installing Compliance Guardian Online Transaction Capture .......................................................... 165

Using the Tool............................................................................................................................. 166

Appendix B - Supported File Types ................................................................................................... 168

Appendix C - Analysis Technologies in Compliance Guardian Online .................................................. 169

Summary .................................................................................................................................... 169

Current Analysis Technologies ..................................................................................................... 169

Keyword ................................................................................................................................. 169

RegEx ..................................................................................................................................... 169

Lexicon ................................................................................................................................... 170

Structure ................................................................................................................................ 170

Context................................................................................................................................... 170

Fingerprint .............................................................................................................................. 170

Combo.................................................................................................................................... 170

Appendix D - Uploading the AvePoint Remote Event Framework or AvePoint Remote Event Framework

(US Gov) to Catalog Site .................................................................................................................. 171

Appendix E - File Types Scanned Through iFilter ............................................................................... 172

Appendix F - Getting Data via REST API ............................................................................................ 174

Notices and Copyright Information .................................................................................................. 178

6


What is New in this Guide

Minor edits and cover page update for current release.

7


About Compliance Guardian Online Compliance Guardian Online is an online version of Compliance Guardian used to scan websites,

Yammer, or SharePoint Online sites for accessibility, privacy, site quality, and security.

Compliance Guardian Online is designed to ensure that information is available and accessible to the

people who should have it and protected from the people who should not. Compliance Guardian Online

helps Chief Privacy Officers, Chief Information Security Officers, Compliance Managers, Records

Managers, SharePoint Administrators, and Company Executives proactively protect their IT

environments from harmful information leaks, contamination, or misuse while simultaneously ensuring

that all activities and content residing in their environments are compliant, accessible, and manageable.

Compliance Guardian Online is designed to empower organizations to comply with regulatory, statutory,

or organization specific requirements to manage and oversee access to sensitive data.

By identifying, classifying, and taking action on compliance risks, and presenting this information in

easily digestible formats for various stakeholders, organizations can more effectively build and maintain

a compliant framework.

*Note: To use Compliance Guardian Online, you must enable cookies and JavaScript.

8


Submitting Documentation Feedback to AvePoint AvePoint encourages customers to provide feedback regarding our product documentation. You can

Submit Your Feedback on our website.

http://www.avepoint.com/resources/documentation-feedback/?flush=1

9


Integration with AvePoint Online Services Compliance Guardian Online is integrated with AvePoint Online Services. To sign up for a Compliance

Guardian Online account, you must first sign up for an account with AvePoint Online Services. AvePoint

provides the following methods to sign up for an AvePoint Online Services account:

Sign up on the AvePoint Online Services website.

On the AvePoint official website, visit the AvePoint Online Services page or the Compliance Guardian Online page.

To sign up for AvePoint Online Services for the U.S. Government Public Sector, access

the following URL: https://usgov.avepointonlineservices.com.

To access Compliance Guardian Online, use one of the entries above to sign in AvePoint Online Services.

For details, refer to the AvePoint Online Services User Guide.

From any page within Compliance Guardian Online, you can navigate back to the AvePoint Online

Services home page by selecting the switch product ( ) button at the top right corner and then

selecting AvePoint Online Services from the drop-down list. You can also select DocAve Online,

Governance Automation Online, File Share Navigator Online, or DocAve Backup for Salesforce to

access the corresponding product.

Refer to the following rules for the user permissions in Compliance Guardian Online and AvePoint Online

Services.

Once a user is added into the Compliance Guardian Online IT Administrators group, they will become the Application Administrator of the AvePoint Online Services product.

Once a user is added into Compliance Guardian Online groups that are not IT Administrators groups, they become a Standard User in AvePoint Online Services.

Once a user is deleted from Compliance Guardian Online:

o If the user is only in Compliance Guardian Online, this user will be totally deleted from AvePoint Online Services.

o If the user is also in other online products that are integrated in AvePoint Online Services, the user permission will be updated since it is deleted from Compliance Guardian Online, but the user will keep the permission for other online products.

Once a user’s permission is changed in Compliance Guardian Online, the modification will be synchronized into AvePoint Online Services according to the above first two

rules.

Refer to the AvePoint Online Services User Guide for detailed information in AvePoint Online Services.

Refer to the Account section in this user guide for detailed information on the user permissions in

Compliance Guardian Online.

https://www.avepointonlineservices.com/http://www.avepoint.com/products/office-365-online-services/http://www.avepoint.com/products/office-365-online-services/website-and-office-365-compliance/https://usgov.avepointonlineservices.com/http://www.avepoint.com/assets/pdf/user_guides/AvePoint_Online_Services_User_Guide.pdfhttp://www.avepoint.com/assets/pdf/user_guides/AvePoint_Online_Services_User_Guide.pdf

10


AvePoint Online Services Versions - Commercial and US

Government Public Sector

There are two versions of AvePoint Online Services: a version for Commercial use, and a version

available on Microsoft’s Cloud Platform for U.S. Government. The U.S. Government Public Sector version

of AvePoint Online Services offers most of the same functionality as the Commercial version. For details,

refer to the AvePoint Online Services User Guide. Functionality of Compliance Guardian Online in both

versions is the same.

http://www.avepoint.com/assets/pdf/user_guides/AvePoint_Online_Services_User_Guide.pdf

11


Navigating Compliance Guardian Online Compliance Guardian Online shares similar navigation and features that are found in Compliance

Guardian on-premises.

Here is a sample window in Compliance Guardian Online. It features a familiar, dynamic ribbon, and a

searchable, content list view.

Figure 1: Sample window in Compliance Guardian Online.

1. Ribbon Buttons – Allows users to access the functionality of the active Compliance Guardian Online functions.

2. Manage columns ( ) – Allows users to manage which columns are displayed in the list. Select

the manage columns ( ) button, and then select the checkbox next to the column name in the

drop-down list.

3. Search – Filter the content displayed by the keyword you enter; if the keyword is not contained in a column value then no results will be returned. You can select to Search all pages or Search

current page.

*Note: The search function is not case sensitive.

4. Filter the column ( ) – Allows users to filter the information in the List View. Select the filter

the column ( ) button next to the column and then select the checkbox next to the column

name.

12


5. Hide the column ( ) – Allows users to hide the selected column.

6. Change the number of items displayed per page, select the desired number from 5, 8, 10, 15, 20,

25, 50, 100 in the Show rows drop-down list at the lower-right corner.

7. Enter the page number in the Go to … of text box at the lower-right corner and press Enter to go

to the entered page.

8. Select the > button at the lower-right corner to go to the next page; select the < button at the lower-right corner to return to the previous page.

Compliance Guardian Online Guidance

The Compliance Guardian Online window appears if it is your first time using Compliance Guardian

Online. You can view videos and guides in this window that will help you learn how to use Compliance

Guardian Online. Select the Do not show this page again. checkbox if you do not want to view this

window again.

How to Use Your Keyboard in Compliance Guardian Online

In order to use keyboard shortcuts in Compliance Guardian Online, see the table below.

Keyboard Key When to Use Tab Switch among all of the functions in one page.

Enter Select one button.

Space Select one checkbox/radio button/button. F2 Switch focus from the table to cells so that you can switch among the

cells by using the arrow keys or select the cell by using Space. *Note: F2 can only be used in the following modules: Job Performance Alert, Compliance Guardian Auditor, Users, Groups, Permission Level, Security Profile, Filter Policy, E-mail Templates, E-mail Recipient Profile, Allowed Location, Authentication Profile, User Agent Profile, and Job Monitor.

↑↓←→ Switch among options in one list box, options in one combo box, or among cells in one table.

Accessing the Compliance Guardian Online

The following table displays the supported browsers and their requirements on the Silverlight version if

you want to access the Compliance Guardian Online:

Rules Requirement Silverlight Version 5.0 or above

Internet Explorer IE 7 or above Google Chrome 19.0.1084.52

Mozilla Firefox 14.0.1

13


Scanner Manager Compliance Scanner Manager enables you to retrieve compliance information about all data in the

specified scope through performing Scanner jobs or in real time. It displays the scan results through

different kinds of Compliance Reports so users can easily view the compliance status of the files in the

specified scopes. You can configure to perform the specified actions to the contents scanned out.

Launching Scanner Manager

To launch Scanner Manager and access its functionality, you can:

Select the Manage Scheduled Scanner Plan or Manage Real-Time Scanner Rules link in the Home interface of Compliance Guardian Online to launch the Scheduled Scanner or

Real-Time Scanner interface directly.

Select Scanner Manager on the top of the screen.

Overview

There are two tabs in the Scanner Manager interface:

Scheduled Scanner – Select this tab to create and manage scheduled scanner plans.

You may perform any of the following actions on a selected Scheduled Scanner plan:

o Rename – Rename the plan name. A window appears after you select Rename. Enter a new name and an optional description in the window, and then select

Save.

o View Details – Select View Details to see the details of the selected plan.

o Edit – Select Edit to make changes to the selected plan’s settings.

o Delete – Delete the selected plan. A warning message will appear to confirm the deletion. Select OK to delete the selected plan, or select Cancel without deleting

the selected plan.

o Run Now – Select Run Now to execute the plan immediately. After you select Run Now, a pop-up window appears, you can select to run a full job or an incremental job. If Incremental Scan of only objects that have been updated

since the last scan is selected, select whether or not to use a reference time.

If you choose to use a reference time, configure the time to scan contents

created or modified. Enter an integer into the text box and select Months, Days,

Hours, or Minutes from the drop-down list.

You can see the details about the plan’s execution in Job Monitor.

14


o Test Run – Perform a test run for the selected plan. You can select to run a full test run or an incremental test run. If Incremental Scan of only objects that have been updated since the last scan is selected, select whether or not to use

a reference time.

If you choose to use a reference time, configure the time to scan contents

created or modified. Enter an integer into the text box and select Months, Days,


Real-Time Scanner – Select this tab to create Real-Time scanner rules and manage the nodes that already have rules applied, but the node that has an inherited rule is not

displayed in this field.

You may perform any of the following actions on a selected node:

o View Details – Select View Details to see details of the rule applied on the

selected node.

o Edit – Select Edit to make changes to the rule applied on the selected node.

o Delete – Delete rules of the selected node.

Selecting Mode to Create a Plan or Rule

Under the Scheduled Scanner or Real-Time Scanner tab, select Create. A drop-down list appears. Select

the corresponding mode from the drop-down list: SharePoint Online, Website, or Yammer. Then, you

can go to the corresponding plan or rule creation interface, and configure a plan or rule to scan objects

in SharePoint Online, website, or Yammer.

Scheduled Scanner

Scheduled Scanner allows you to scan content in SharePoint Online, Website, or Yammer through a

scanner job.

Configuring a Scheduled Scanner for SharePoint Online Plan

Under the Scheduled Scanner tab of the Scanner Manager interface, select Create on the ribbon, a

drop-down list appears. Select SharePoint Online from the drop-down list, and you will be redirected to

the Create SharePoint Online Plan interface. Configure the following settings:

1. In the Define Scope step, select an option under Where should the scan be targeted?:

I’m not sure, I need to browse the environment to locate my data – Select this option, then expand the tree. Select a node where you want to perform the scan job on the

tree.

I know the file paths and want to specify the locations – Select this option, and the text box appears. Enter the scope URL where you want to perform the scan job. Press Enter

and then enter another URL in a new line. Select Verify to test if the URL is correct.

15


2. Select Next.

3. In the Configure Scope Settings step, select desired options in the following questions to finish

the settings:

Do you want to scan versions? – Select No, only scan the current and most visible version. (recommended) to only scan the current versions; or you can select Yes, scan all versions to scan all of the versions. If this option is selected, the scan result of each

file/item version will be reported in the report separately.

Do you want to specify a filter policy to determine what content will be scanned? – Select No, scan everything in the scope, then all of the content will be scanned; or you can select another option to use a filter policy to define the desired content. The filter policy drop-down list appears. By default, the default filter policy is used, and all of the types of documents/items supported by Compliance Guardian Online are included in this default filter policy. If you want to set up a new filter policy, select the New Filter Policy link in the drop-down list. Refer to Configuring Filter Policies for more

information.

4. Select Next.

5. In the Configure Scan Rule step, select if you want to use test suites to scan files.

If you want to use the test suites, select Yes, I want to use test suites to examine the file

contents as well as attributes and select the test suites in the table. You can perform the

following actions in the test suite table:

Create – Select Create to create a new test suite. The Create Test Suite interface

appears. For more information on creating test suites, refer to Creating Test Suites.

Refresh – Select Refresh to refresh the test suite list.

View Description – Select on a test suite name, the description is displayed in the

Description field of the right pane, displaying the checks the test suite includes.

Search – Enter a keyword in the search box to search the desired test suite.

Enter the page number in the Page … of text box at the lower-right corner and

press Enter to go to the entered page.

Select the > button at the lower-right corner to go to the next page; select

the < button at the lower-right corner to return to the previous page.

6. Select Next.

7. In the Configure Action Rule step, select if you want to take actions on the objects when

Compliance Guardian Online detects violations.

If you want to take actions to the objects, select Yes, and I want Compliance Guardian to take

actions automatically when it detects violations and configure the actions. For details on

configuring the action rule, refer to Configuring Action Rule.

*Note: You must configure at least the scan rule or action rule for the plan.

16


8. Select Next.

9. In the Configure General Settings step, select whether or not to configure a schedule for the plan. If you want to configure a schedule, select Yes, I want to set up a schedule. Then select

Add Schedule. The Add Schedule window appears. Configure the settings:

How much content should be included in the scan? – Select to run a full scan or

incremental scan:

o Full Scan – Run a full scan of all of the documents and items in the specified scope. Unlike incremental scan, all full scans are independent of one another and do not have any dependencies on the other’s scan results. However, because each of the full scans is comprehensive, full scan jobs take the longest

to complete of the two available options.

o Incremental Scan of only objects that have been updated since the last scan – Run a fractional scan. It scans only the updated documents and items since the last successful full scan or incremental scan. This kind of scan requires less storage than a full scan and it reduces the execution time of the scan job. However, it is important to note that for each incremental scan, the latest full scan job in the full scan cycle must be available. If the incremental scan is based on a former incremental scan job, the former incremental scan must also be

available.

If this option is selected, select whether or not to use a reference time. If you

choose to use a reference time, configure the time to scan the contents created

or modified. Enter an integer into the text box and select Months, Weeks, Days,


How often would you like to check on this scope? – Set up the frequency for the

scheduled Compliance Scanner job.

o One Time – Set up the time to start the Compliance Scanner plan and modify the time zone as required. The job will be run according to the date time

configured here.

o Recurring – Configure the following recurring settings.

Interval – Select one time unit from Minutes, Hours, Days, Weeks, and Months, and then enter a number into the Interval text box. The scheduled Compliance Scanner job will be run according to the interval

configured here.

Start Time – Set up the time to start the Compliance Scanner plan and

modify the time zone as required.

*Note: The start time cannot be earlier than the current time.

Then, configure the End Time:

No end date – Select this option to repeat running the plan until being

stopped manually.

17


End after _ occurrences – Select this option to stop the plan

automatically after the entered occurrences.

End by – Select the time to end the recurrence of scheduled Compliance

Scanner plans.

10. Select Save to save the settings in the Add Schedule window, or select Cancel to cancel changes.

11. You can select to configure the advanced settings by selecting Advanced Settings:

Do you want to scan SharePoint system content and/or user content? – Select to scan user content and/or system content.

o Scan user content – Select this checkbox so that only the documents and items

that are created by the end users will be scanned in the specified scope.

o Scan system content – Select this checkbox to scan the system built-in contents

in the specified scope.

Do you want Compliance Guardian to send a notification when it finishes a scan job? – Select whether or not to send a notification when a scan job finishes. If you select Yes, I need a notification, then select a notification profile. Select New Notification Profile to create a new profile.

Do you want Compliance Guardian to send an e-mail when an error occurs during the file scan? –– Define whether to send out an alert e-mail when an error occurs during the process of scanning a file. If you choose Yes, and I want to specify the users who will

receive the e-mail, configure the recipients by selecting the corresponding checkboxes.

o Creator e-mail template – Select this checkbox to send an alert e-mail to the creator of the specified file. If this checkbox is selected, you must select an e-

mail template from the corresponding drop-down list.

o Modifier e-mail template – Select this checkbox to send an alert e-mail to the last modifier of the specified file. If this checkbox is selected, you must select an

e-mail template from the corresponding drop-down list.

o User in the selected notification profile – Select this checkbox to send an alert e-mail to the recipients configured in the selected alert notification profile. If this checkbox is selected, you must select an alert notification profile from the corresponding drop-down list. You can also select the New Notification Profile link to create a new notification profile. Then, select an e-mail template from

the e-mail template drop-down list.

12. Select Finish to finish the plan creation. A window appears. Enter the plan name and an optional description, then select Save; you can also select Save and Run Now to run the plan

immediately.

The Run Now pop-up window appears after you select Save and Run Now. You can select to run

a full job or an incremental job. If Incremental Scan of only objects that have been updated

since the last scan is selected, select whether or not to use a reference time. If you choose to

use a reference time, configure the time to scan contents created or modified. Enter an integer

into the text box and select Months, Days, Hours, or Minutes from the drop-down list.

18


At any step, select Back to return to the previous step, and select Cancel to cancel the plan

creation.

After you finish the plan creation, the plan will be listed under the Scheduled Scanner tab in the

Scanner Manager interface.

Configuring Action Rule

In the Rule text box of the Configure Action Rule step, enter an optional rule description. Then, Select

an option under If the following conditions are met to define if you want to filter out the desired

content.

If you select All of the files, then select Add an Action and select an action from the drop-down list. The

action will be displayed under the Actions column. Then, select Configure after the added action to

configure the settings for the action. Select the delete ( ) button after an action to delete this action.

For details of each action, refer to Scanner Actions.

If you select Specify conditions, the scanned files will be filtered according to your defined conditions.

The files that meet the conditions will be affected by the actions. Then configure the following

conditions:

1. Select All/Any and True/False in If _ of these conditions are _

All – The files that meet all of the conditions will be considered True/False.

Any – The files that meet any of the conditions will be considered True/False.

True – The scanned files that meet the conditions will be affected by the added actions.

False – The scanned files that do not meet the conditions will be affected by the added

actions.

2. Select Add Condition, then configure the settings:

Select File, Item, or Summary Result from the first link and then select the value from

the second link.

o File – Based on the SharePoint Document property value you configured here to define the scope in which the files that are not compliant will be affected by the

added actions.

o Item – Based on the SharePoint item property value you configured here to

define the scope in which the items will be affected by the added actions.

o Summary Result – If you have selected a test suite that can generate a summary result, this option appears. This is based on the summary result that the file

returns.

Select conditions.

Enter a value you want the rule to use in the text box.

19


Repeat step 2 to add more conditions.

Select the delete ( ) button after a condition to delete a condition.

3. You can select Add Group to add a condition group. Then the files that first meet the conditions you configured in step 2, and then meet the conditions in the condition group will be affected by actions.

Repeat step 3 to add more condition groups.

Select the delete ( ) button after a condition group to delete a condition group.

4. After configuring the conditions, select Add an Action and then select an action from the drop-down list. The action will be displayed under the Actions column. Then, select Configure to

configure the settings for the action.

Repeat step 4 to add multiple actions. The actions will then be added. You can change the order

of the actions by selecting the drop-down list before the action to determine the priority of the

action. Select the delete ( ) button after an action to delete this action. For details of each

action, refer to Scanner Actions.

5. After you configured the conditions and actions above, you can select Else to define actions to the scanned files that do not meet the conditions configured in step 2 and step 3. Refer to step 2

to 4 for details on how to configure the conditions and actions.

6. Select Add a Rule to add another rule.

7. You can select Export to XML File to export the action rule related settings to an XML file for

your further use; you can select Import XML File to import the XML file.

Scanner Actions

Refer to the following sections for details about each scanner action.

Encrypt

The files will be encrypted. After you select Configure after the Encrypt action, configure the following

settings in the appeared Configure interface:

Select a security profile _ to encrypt file – Select a security profile for encrypting the files. Select New Security Profile to create a new security profile. For more information,

refer to Security Profile. Select Refresh to refresh the security profile list.

Encrypt with alert – Select this checkbox to configure alert settings:

o When the action successfully executes, send e-mail to – Select the alert

recipients when the action successfully executes to the files:

E-mail template for the document creator – Select this checkbox to send an alert e-mail to the creator of the specified file that will be taken actions. If this checkbox is selected, select the None link and then select

20


an e-mail template from the drop-down list. Select Refresh to refresh

the e-mail template list.

E-mail template for the last user to modify the document – Select this checkbox to send an alert e-mail to the last modifier of the specified file that will be taken actions. If this checkbox is selected, select the None link and then select an e-mail template from the drop-down list. Select

Refresh to refresh the e-mail template list.

Users in the selected notification profile – Select this checkbox to send an alert e-mail to the recipients in the selected alert notification profile. If this checkbox is selected, select the corresponding None links and then select an alert notification profile and e-mail template from the corresponding drop-down lists. Select Refresh to refresh the notification

profile and e-mail template list.

o When the action fails to execute, send e-mail to – Select the alert recipients

when the action fails to execute:

E-mail template for the document creator – Select this checkbox to send an alert e-mail to the creator of the specified file that fails to be taken actions. If this checkbox is selected, select the None link and then select an e-mail template from the drop-down list. Select Refresh to

refresh the e-mail template list.

E-mail template for the last user to modify the document – Select this checkbox to send an alert e-mail to the last modifier of the specified file that fails to be taken actions. If this checkbox is selected, select the None link and then select an e-mail template from the drop-down list.

Select Refresh to refresh the e-mail template list.

Users in the selected notification profile – Select this checkbox to send an alert e-mail to the recipients in the selected alert notification profile. If this checkbox is selected, select the corresponding None links and then select an alert notification profile and e-mail template from the corresponding drop-down lists. Select Refresh to refresh the notification

profile list and e-mail template list.

Start an incident in Incident Manager when action is executed, and the incident will be assigned to – Select this checkbox to start an incident in Incident Manager when an

action is executed. Then select the assignees.

o Content Creator – The incident will be assigned to the creator of the file that

has been affected by the action.

o Content Modifier – The incident will be assigned to the modifier of the fi le that


o Users in the scope mapping – The incident will be assigned to the users in the scope mapping. If this checkbox is selected, select the None link and then select a scope mapping profile from the drop-down list. Select Refresh to refresh the

scope mapping profile list.

21


o Specify users/groups – The incident will be assigned to the specified users. Enter the user or group name in the appeared text box, and press Enter on your keyboard or select Validate to test if the entered user or group is valid. You can

add multiple users or groups.

o In the mean time, alert them with the template – When the incident is sent to the assignee, an alert will also be sent to the assignee. If this checkbox is selected, select the None link and then select an e-mail template from the drop-

down list. Select Refresh to refresh the e-mail template list.

Select Save to save the settings in the window, or select Cancel to cancel the changes.

Quarantine

The files will be quarantined. After you select Configure after the Quarantine action, configure the

following settings in the appeared Configure interface:

Select to quarantine the files in SharePoint or an area outside of SharePoint:

o The files matching the conditions will be quarantined in SharePoint – The files

that matched the conditions will be quarantined, but they are still in SharePoint.

o The files matching the conditions will be moved to an area outside of SharePoint – The files that matched the conditions will be moved to an area

outside of SharePoint.

Quarantine with alert – Select this checkbox to configure alert settings:



E-mail template for the document creator – Select this checkbox to send an alert e-mail to the creator of the specified file that will be taken actions. If this checkbox is selected, select the None link and then select an e-mail template from the drop-down list. Select Refresh to refresh


E-mail template for the last user to modify the document – Select this checkbox to send an alert e-mail to the last modifier of the specified file that will be taken actions. If this checkbox is selected, select the None link and then select an e-mail template from the drop-down list. Select Refresh to refresh the e-mail template list.

Users in the selected notification profile – Select this checkbox to send an alert e-mail to the recipients in the selected alert notification profile. If this checkbox is selected, select the corresponding None links and then select an alert notification profile and e-mail template from the drop-down lists. Select Refresh to refresh the notification profile list and

e-mail template list.


when the action fails to execute.

22




E-mail template for the last user to modify the document – Select this checkbox to send an alert e-mail to the last modifier of the specified file that fails to be taken actions. If this checkbox is selected, select the None link and then select an e-mail template from the drop-down list. Select Refresh to refresh the e-mail template list.







o Content Modifier – The incident will be assigned to the modifier of the file that






o In the mean time, alert them with the template – When the incident is sent to the assignee, an alert will also be sent to the assignee. If this option is selected, select the None link and then select an e-mail template from the drop-down list.



Redact

Redact the files. After you select Configure after the Redact action, configure the following settings in

the appeared Configure interface:

Select how do you want to deal with the file with the found content:

23


o Delete the files matching the conditions immediately – Select this option, files

that matched the conditions will be deleted directly.

o Replace the matching content – Select this option, the found content will be

replaced with the value configured in the following settings.

Configure the following settings to designate the target content:

o Please define keywords. The content that _ the following keywords will be redacted – Select Contains or Equals in the sentence. Then, enter a keyword and select if the content should be case sensitive. The content that contains or equals to the entered keyword will be found. You can enter multiple keywords,

and use the comma (,) as the separator.

o Please define a regular expression. The content that matches the regular expressions will be redacted – Enter a regular expression and select if the regular expression should be case sensitive. The content that matches the regular expression will be found. You can enter multiple regular expressions,


You can select Filter out the following content to not be redacted to configure

settings to filter out the desired content from the content that matches the

above regular expression. The filtered out content will not be redacted.

The content that _ the keywords – Select Contains or Equals in the sentence. Then, enter a keyword, and select if the content should be case sensitive. If the content that matches the above regular expression contains or equals to the entered keyword, it will be filtered out and will not be redacted. You can enter multiple keywords, and use the comma

(,) as the separator.

The content that matches the regular expressions – Enter a regular expression and select if the regular expression should be case sensitive. If the content that matches the above regular expression also matches the regular expression here, it will be filtered out and will not be redacted. You can enter multiple regular expressions, and use the

comma (,) as the separator.

Configure the value that is used to replace the found content and configure the related settings, these settings only appear if you select the Replace the matching content

option.

o Select Section or Word in Please fill in a _ used to replace the content above:

If Word is selected, enter a value used to replace the found content.

If Section is selected, enter a value used to replace the found section. Then,

enter numbers in The previous _ characters and following _ characters around

the content above will be redacted. The characters in the range of the entered

number will also be redacted.

24


o Repeat the character so the redaction is the same length as the original value – Select whether or not to repeat the configured value to make sure the

replaced result keeping the same length as the original content.

Redact with alert – Select this checkbox to configure alert settings:







Users in the selected notification profile – Select this checkbox to send an alert e-mail to the recipients in the selected alert notification profile. If this checkbox is selected, select the corresponding None links and then select an alert notification profile and e-mail template from the drop-down lists. Select Refresh to refresh the notification profile list and e-mail template list.



E-mail template for the document creator – Select this checkbox to send an alert e-mail to the creator of the specified file that fails to be taken actions. If this checkbox is selected, select the None link and then select an e-mail template from the drop-down list. Select Refresh to refresh the e-mail template list.





25















Quarantine Before Redact

Before files are being redacted, they will be quarantined to the Azure Storage. After you select

Configure after the Quarantine Before Redact action, configure the following settings in the appeared

Configure interface:

Select how do you want to deal with the file with the found content:

o Delete the files matching the conditions immediately – Select this option, files

that matched the conditions will be deleted directly.

o Replace the matching content – Select this option, the found content will be

replaced with the value configured in the following settings.

Configure the following settings to designate the target content:

o Please define keywords. The content that _ the following keywords will be redacted – Select Contains or Equals in the sentence. Then, enter a keyword and select if the content should be case sensitive. The content that contains or equals to the entered keyword will be found. You can enter multiple keywords,


o Please define a regular expression. The content that matches the regular expressions will be redacted – Enter a regular expression and select if the regular expression should be case sensitive. The content that matches the regular expression will be found. You can enter multiple regular expressions,


26


You can select Filter out the following content to not be redacted to configure

settings to filter out the desired content from the content that matches the

above regular expression. The filtered out content will not be redacted.

The content that _ the keywords – Select Contains or Equals in the sentence. Then, enter a keyword, and select if the content should be case sensitive. If the content that matches the above regular expression contains or equals to the entered keyword, it will be filtered out and will not be redacted. You can enter multiple keywords, and use the comma

(,) as the separator.

The content that matches the regular expressions – Enter a regular expression and select if the regular expression should be case sensitive. If the content that matches the above regular expression also matches the regular expression here, it will be filtered out and will not be redacted. You can enter multiple regular expressions, and use the

comma (,) as the separator.

Configure the value that is used to replace the found content and configure the related settings, these settings only appear if you select the Replace the matching content

option.

o Select Section or Word in Please fill in a _ used to replace the content above:

If Word is selected, enter a value used to replace the found content.

If Section is selected, enter a value used to replace the found section. Then,

enter numbers in The previous _ characters and following _ characters around

the content above will be redacted. The characters in the range of the entered

number will also be redacted.

o Repeat the character so the redaction is the same length as the original value – Select whether or not to repeat the configured value to make sure the

replaced result keeping the same length as the original content.

Quarantine Before Redact with alert – Select this checkbox to configure alert settings:







27
























28



Move

The scanned files will be moved to the specified location. After you select Configure after the Move

action, configure the following settings in the appeared Configure interface:

Move the failed files to the following location – Configure the location where the failed files will move:

o Allowed location – Select Browse to go to the Control Panel > Allowed Location page. For more detailed information on how to configure the allowed location, refer to Configuring Allowed Location.

o Enter the relative path of the library or folder – Select this option, and then enter the relative path of a library or folder to move the files within the same site.

If the files fail to move – Select how to deal with the files if they fail to move:


that matched the conditions will be quarantined in SharePoint.



Move with alert – Select this checkbox to configure alert settings:









o When the action fails to execute, send e-mail to – Select the alert recipients when the action fails to execute:

29




E-mail template for the last user to modify the document – Select this checkbox to send an alert e-mail to the last modifier of the specified file that fails to be taken actions. If this checkbox is selected, select the None link and then select an e-mail template from the drop-down list. Select Refresh to refresh the e-mail template list.















*Note: Only the files in the document library can be moved.


Encrypt and Quarantine

The files will be encrypted and then quarantined. After you select Configure after the Encrypt and

Quarantine action, configure the following settings in the Configure interface:

30


Select a security profile _ to encrypt file – Select a security profile to encrypt the files.

Select Refresh to refresh the security profile list.

Select how to deal with the files or items that matched the conditions:


that matched the conditions will be quarantined in SharePoint.



Encrypt and Quarantine with alert – Select this checkbox to configure alert settings:











E-mail template for the document creator – Select this checkbox to send an alert e-mail to the creator of the specified file that fails to be taken actions. If this checkbox is selected, select the None link and then select an e-mail template from the drop-down list. Select Refresh to refresh the e-mail template list.



Users in the selected notification profile – Select this checkbox to send an alert e-mail to the recipients in the selected alert notification profile.

31


If this checkbox is selected, select the corresponding None links and then select an alert notification profile and e-mail template from the drop-down lists. Select Refresh to refresh the notification profile list and















Change Permission

The permissions of the files or items will be changed based on your settings. After you select Configure

after the Change Permission action, configure the following settings in the Configure interface:

Change permissions of the files/items, to be shared only with the group – Enter a SharePoint group, the files or items are only shared to this group’s users.

If the group does not exist in SharePoint, Compliance Guardian will create this group automatically and grant the following permissions to the group users for these files/items – If the entered group does not exist, the group will be created automatically. Enter the group permissions to grant to the created group. Use the

comma (,) to separate each permission.

Change Permission with alert – Select this checkbox to configure alert settings:



E-mail template for the document creator – Select this checkbox to send an alert e-mail to the creator of the specified file that will be taken actions. If this checkbox is selected, select the None link and then select

32


an e-mail template from the drop-down list. Select Refresh to refresh






















33




o In the mean time, alert them with the template – When the incident is sent to the assignee, an alert will also be sent to the assignee. If this option is selected, select the None link and then select an e-mail template from the drop-down list.



Delete

The files will be deleted. After you select Configure after the Delete action, configure the following

settings in the Configure interface:

Delete with alert – Select this checkbox to configure alert settings:













E-mail template for the last user to modify the document – Select this checkbox to send an alert e-mail to the last modifier of the specified file that fails to be taken actions. If this checkbox is selected, select the

34


None link and then select an e-mail template from the drop-down list.




Start an incident in Incident Manager when action is executed, and the incident will be assigned to – Select this checkbox to start an incident in Incident Manager when an action is executed. Then select the assignees.












Alert Only

The files that meet the configured conditions can be recorded in an e -mail and sent to users. After you

select Configure after the Alert Only action, configure the following settings in the Configure interface:

Select the recipients and the corresponding e-mail templates:

o E-mail template for the document creator – Select this checkbox to send an alert e-mail to the creator of the specified file that will be taken actions. If this checkbox is selected, select the None link and then select an e-mail template

from the drop-down list. Select Refresh to refresh the e-mail template list.

o E-mail template for the last user to modify the document – Select this checkbox to send an alert e-mail to the last modifier of the specified file that will be taken actions. If this checkbox is selected, select the None link and then

35


select an e-mail template from the drop-down list. Select Refresh to refresh the


o Users in the selected notification profile – Select this checkbox to send an alert e-mail to the recipients in the selected alert notification profile. If this checkbox is selected, select the corresponding None links and then select an alert notification profile and e-mail template from the drop-down lists. Select Refresh

to refresh the notification profile list and e-mail template list.





o

compliance guardian online user guideavepointcdn.azureedge.net/pdfs/en/user_guides/compliance... ·...

Documents