/w=1920,quality=90,fit=scale-down)
/w=1920,quality=90,fit=scale-down)
What you need to know
- In this section, we'll see how to understand an Insight with pre-filtered data and possible mitigation steps.
- You need to be logged in to the Policy Server portal as an administrator with access to all repositories.
Step-by-step
- In this card, we see that data extraction activities (where authorized users have unprotected and/or printed data) have increased by 30% last week on sensitive files and emails (files and emails classified with high sensitivity labels) by external users.
- In other words, activities were data was taken out from sensitive protected files and emails by external users have increased considerably in the last week.
- This insight could lead you to check who these external users are and how long they have been doing it. Click on the insight to view these details and an in-depth view.
Here, you see the following details:
- number of print activities
- a trend of print activities
- which external domains have printed files/emails
- the classification labels of these files/emails
- and the location of users who printed these files/emails.
This could prompt you to revoke access of users from acme.com, remove Print permission, or set up IP restrictions that won't allow users from a specific region to access files and emails.
Related articles
/w=1920,quality=90,fit=scale-down)
Analyzing and Mitigating Risk/w=1920,quality=90,fit=scale-down)
Classification Analytics/w=1920,quality=90,fit=scale-down)
Protection AnalyticsDid we miss something? Not to worry! Just email our support team at support@seclore.com