Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 23 Next »

Contents

Document Details

Prepared By

Reviewed By

Date

Document Version

Software Version

Ashima Agarwal

Artem Kalaitan

13-June-2022

V 1

V 2.8

Ashima Agarwal

Artem Kalaitan

25-July-2022

V2

V 2.10

Ashima Agarwal

Artem Kalaitan

10-Aug-2022

V4

V 2.10

Synergy

This document has two major sections

  • Agent

    • Agent Configuration

    • Agent Management

    • Reports

  • Administration

    • Pattern Matching

    • User Management

Agent

Deployment

A link to the agent deployment document is added below:

 Agent Deployment
Unable to render {include} The included page could not be found.

Configuration best practices

Please see the below document for best practices:

 Best Practice

Contents

Introduction to Getvisibility Synergy Pro

Overview

With state-of-the-art machine learning algorithms, Getvisibility combines natural language processing with neural networks. This allows us to classify unstructured data across organisations with unparalleled accuracy and speed.

Using machine learning rather than traditional pattern matching (regular expressions) and dictionary lookup methods allows Getvisibility to understand the context of a document, thereby increasing accuracy. As the neural network does most of the work, organisations no longer must embark on the laborious and expensive task of creating rules and regex hits per department and document type. Getvisibility’s customisable tag set enables users to apply company-specific classification to their unstructured data, which the neural network learns with increasing accuracy. Training of the neural network can be done through our user-friendly interface, eliminating the need for the highly qualified engineers and data scientists associated with traditional methods.

The Getvisibility classification tool is built on sophisticated machine learning algorithms to enable organizations to discover, classify and secure their most sensitive data. The Getvisibility platform combines smart agent technology and machine learning to provide a uniquely powerful solution for data classification and tagging. This is the first solution to enable automated, historical and manual classification with one deployment. This is unique but it also has a very significant value dramatically improving the quality of the manual classification process by leveraging the advanced AI model and understanding of historically created data.

Data Classification Overview

Data classification is a foundational step in cybersecurity threat management. It entails identifying what information is being processed and saved in various data systems. Additionally, it involves deciding the sensitivity of this information and the probable impact should the information confront compromise, loss, or abuse. To ensure successful threat management, organisations must aim to categorise data by working backwards in the contextual usage of their information. The must also generate a categorisation scheme that takes into consideration whether a specified use-case contributes to significant impact to a company's operations (e.g. if information remains confidential, must have ethics, and/or be accessible).

Data Classification Value

Data classification has been used for decades to help businesses make determinations for protecting sensitive or critical data with proper levels of protection. Irrespective of whether the information is stored or processed on-premise or in the cloud, data classification is a beginning point for determining the right amount of controls to the confidentiality, integrity, and accessibility of information based on danger to your business. Data classification permits organisations to assess data based on sensitivity and business effect. This helps the organisation evaluate risks related to various kinds of information. Each information classification level should be related to a recommended baseline set of safety controls that offer security against vulnerabilities, threats, and risks connected with the designated protection degree.

It's essential to be aware of the dangers of over classifying data. Occasionally, organisations may widely misclassify large sets of information by assigning the data with the highest or top classification level. This over-classification can incur unnecessary costs by introducing too many expensive security controls, affecting business operations. This strategy may also divert focus on less crucial datasets and restrict business use of their data via unnecessary compliance demands as a result of over classification.

Getvisibility Products

Getvisibility Synergy Pro & Synergy

The Getvisibility Synergy Pro and Synergy are designed to help your organisation classify and project your data in use, new data and data in motion. The solution works for in-cloud and on-prem applications.

Getvisibility Focus enables automated, accurate and timely legacy data discovery and classification of both new and legacy data. The get visibility solution gives organisations an overview of all their data, tailored to how they want that data to be displayed and monitored.

Getvisibility offers contextual classification, empowering the data with appropriate metadata and enhancing the usage of that data throughout the organisation.

Components

  • Data classification levels (levels, descriptions, data examples)

  • Risks

  • Data Access and Control

  • Transmission

  • Storage

  • Documented Backup and Recovery Procedures

  • Documented Data Retention Policy

  • Audit Controls

Typical levels

  • Public

  • Internal

  • Restricted or Sensitive

  • Confidential

  • Regulated or Protected (Optional)

Data Classification Typical Levels

Public

Such data is available for anyone to see, for example:

  • Brochures

  • White paper/Public Standard

Internal

Such data is generally available to all staff and students, for example:

  • Internal correspondence

  • Committee papers, meeting minutes

  • Internal policies and procedures

Restricted or Sensitive

Accessible by restricted members of staff or students on a need to know basis. Often containing sensitive personal data. Loss of such data results in legal action, reputational damage or financial loss.
Examples:

  • Personal/Employee Data

  • Business/Financial Data

  • Academic/Research Information (i.e. unpublished, or confidential research, or funding information)

Confidential

Accessible only to designated or relevant members of staff due to its potential impact on the organisation that could result in legal action, reputational damage or financial loss.
Examples:

  • Payrolls, salaries info

  • HR personnel records

  • Credit card and financial account information

  • Internal investigation information

  • Intellectual property

  • All legal and attorney-client communications

  • Medical records

  • Detailed budgets or financial reports

Protected or Regulated

This is a special category to represent multiple regulations, for example as HIPAA or ITAR. Loss of such data results in a major legal action and a massive financial loss. Protection of such information is required by law/regulation or required by the government to self-report.
Examples:

  • Sensitive personal data (Physical or mental health, Criminal convictions, etc)

  • Medical Research (HIPAA)

  • Academic research regulated by Export Controls (ITAR/EAR) export-related security controls on information that is subject to a Technology Control Plan

  • Student information classified under FERPA

  • Credit card information covered by PCI-DSS rules

  • Court or national security orders that prohibit disclosure (e.g., subpoenas, National Security Letters)

Data Access and Control

Classification

Public

Internal

Restricted or Sensitive

Confidential

Regulated or Protected

Access

No restrictions

Only staff and non-employees based on their duties

Only designated individuals with approved access and who is entitled to use it.

Only designated individuals with approved access.

Dissemination is strictly

limited to authorised

personnel only.

Only a few individual users being entitled to see or use the data. Dissemination is strictly

limited to authorised

personnel only.

Transmission

No restrictions

Information may be placed

in shared folders, company managed cloud storages and sent

via internal email.

Should only be shared in folders

with restricted access or transmitted securely via a protected electronic messaging system (e-mail, etc)

Should only be transmitted

electronically with acceptably encrypted

format and/or within a dissemination list.

Should only be transmitted

electronically with acceptably encrypted

format and/or within a dissemination list.

Storage

No restrictions

Information should be stored in shared folders and in company managed cloud storages.

Should only be held in folders

with restricted access.

Information should be held

only in restricted areas of the organisations network.

Information should be held

only in restricted areas of the organisations network.

Data Storage Example of a Guide

Service

Public

Internal

Restricted or Sensitive

Confidential

Regulated or Protected

Default Home (Z:) Drive

Confluence/Wiki

Email

Sharepoint

Full Disk Encrypted Systems

Unencrypted Workstations

Enterprise Office 365

Data Backup

Classification

Public

Internal

Restricted or Sensitive

Confidential

Regulated or Protected

Backup

Encouraged

Encouraged

Required (should be required by an internal policy)

Required (should be required by an internal policy)

Required (required by a regulation)

Data Retention

Classification

Public

Internal

Restricted or Sensitive

Confidential

Regulated or Protected

Retention

Encouraged

Encouraged

Required (should be required by an internal policy)

Required (should be required by an internal policy)

Required (required by a regulation)

Audit Controls

Classification

Public

Internal

Restricted or Sensitive

Confidential

Regulated or Protected

Audit controls

Not required

Encouraged

An organisation must actively monitor and review their systems and procedures for potential misuse and/or unauthorized access.

An organisation must actively monitor and review their systems and procedures for potential misuse and/or unauthorized access.

An organisation must actively monitor and review their systems and procedures for potential misuse and/or unauthorized access.

Sample flowchart for determining Data Classification

Best Practices for Configuration Wizard

a. Configure Compliance screen with the required Compliance standards:

Getvisibility comes with out of the box compliance standards shown in the agent.

Organisations can customize the classification options which appear on the end-user agent to align with internal policies or already implemented data loss prevention solutions. This is an optional feature, if you do not wish to show compliance standards in the agent, simply tick the ‘Disable Compliance’ option

b. Classification TAGS: Which classification tags will the end user be able to view & select?

c. Which Plugins will be active for the end-user?

d. Enforcement rule related to MS WORD, MS EXCEL, and MS POWERPOINT

Enforcement rules determine the necessity for end-users to classify a document before saving or printing. The enforcement options available are:

1. Enforce (or Force)

2. Warn

3. Log & Ignore

Please review all available options in dropdown (like Force, Warn and Log & Ignore),

Keep the checkbox of “User lowers classification level of a classified document” un-checked - This will not allow the end-user to later lower the classification of the document after saving.

e. Visual Tagging and Labeling for MS WORD, MS POWERPOINT and MS EXCEL

Visual labeling refers to the visual changes made to a document once classified. This includes customized:

1. Headers (You can change the text to Forcepoint {classification})

2. Footers: (You can change the text to Forcepoint {classification})

3. Watermarking: (You can change the text to (<span>Forcepoint {classification}</span>))

f. Outlook Policies

The Getvisibility Synergy Pro will sit within the ribbon of your Microsoft Outlook application. Organizations can configure how they want this agent to work within their application, customizing enforcement rules and visual markings. You will also notice an option ‘Inherit minimal classification from classified attachment’. This means for example, that if an attached document is classified as Internal, the end-user may classify the email as Internal or Confidential but not as Public.

Same like above for MS Word, Excel and Powerpoint, we follow Enforcement and Visual tagging rule for MS Outlook now

Enforcement Rules

Enforcement rules determine the necessity for end-users to classify an email before sending or printing. The enforcement options available are:

1. Enforce

2. Warn

3. Log & Ignore

g. Outlook Visual Tagging

Visual labeling refers to the visual changes made to an email once classified. This includes customized:

1. Headers: (You can change the text to Forcepoint {classification} or anything of your choice)

2. Footers: (You can change the text to Forcepoint {classification} or anything of your choice)

h. Sharing restrictions: Configure PUBLIC emails

Sharing restrictions can be configured through the wizard and enforced through Outlook. Sharing rules are configured depending on the classification level of the email.

This enforces sharing rules for end-users, depending on the classification level of the email. These options are

1. Allow

2. Warn

3. Block

Exceptions

This is an optional feature which allows administrators to create a whitelist of email addresses that will be exempt from the sharing restrictions enforced above. This is a useful feature in ensuring restrictions do not negatively impact daily operations, while still maintaining a least privileges approach to data sharing.

i. Configure INTERNAL Emails

Select the BLOCK option and create an exception for the internal domain under “Allowed” emails. You can add any internal domain like “forcepoint.com” or “forcegv.com”

j. Configure CONFIDENTIAL email

For this LAB purpose will select WARN option and create exception for Internal domains under “Allowed” emails and for non-trusted domain (like gmail.com) under blocked emails

You can add “forcepoint.com” and “forcegv.com” under allowed emails list

You can add “gmail.com” under blocked email list

The expected behavior for this rule would be

Always “WARN” user when a CONFIDENTIAL classified email is sent out, except allow when CONFIDENTIAL email is sent to Forcepont.com & Block when CONFIDENTIAL classified email is sent to “Gmail.com”

k. Click NEXT and FINISH

l. Click RESTART

Agent Configuration

Login into system and Navigate to the agent configuration

Login into the GV application using the credentials given to you

The agent configuration page will be opened by default.

The dashboard UI offers a wizard to set/update an agent configuration. There are three possible ways to setup the configuration:

Configuration Import Mode: Using this mode, the user can upload an existing configuration from local files. Please note that only JSON format is accepted. A validity check will be done, and an error message is shown in case the file does not have valid JSON content. This mode is usually used by Getvisibility professional services as a part of their personalisation work.

Expert Mode: This mode is useful when the user wants to manually edit the agent configuration at their own risk. Like the previous mode, if the content is not a valid JSON or is not a valid agent configuration structure, a list of errors will be displayed to the user.

Configuration Wizard Mode: This mode is the easiest to use and guides the user through configuring the rules and uses for the agents. When the user chooses this mode, they will be guided through a few steps to set agent configuration fields one by one.

The three configuration modes are displayed as below:

The first option of Configuration Import can be used by simply uploading the config file. Click on the Configuration Import option and the dialog box will open where the user must select a JSON file.

The configuration will be uploaded. When the user clicks Finish the new config will be saved

In the below section we will go through the various configurable options that can be applied to the agent using both Expert mode and Wizard mode:

Compliance

Compliance is the act of conforming to a company directive, rule, policy, or standard or law. Some common compliance regulations and labels are: GDPR, PII, HIPAA, PHI, PCI. Getvisbility agent gives the user two options to customise and configure compliance as per their requirements.

Expert Mode

Using Expert Mode, the user can add compliance tags by making changes in the agent configuration JSON file. One can add custom compliance or any of the standard compliance tags.

  • Click on the Expert Mode

  • Scroll down to the compliance section

  • Add the values

    • It can be seen below that EAR/US and CustomCompliaceExample have been added

  • Click on the Finish

‘Configuration saved successfully’ message will be displayed on the screen along with the OK button.

  • Click on the OK button and the user is returned to the main Getvisibility agent configuration page.

  • To verify the Configuration, open a word document, click on the Getvisibility icon in the top-right of the ribbon. The user will be able to see the custom tags.

M Wizard Mode

Using the Wizard mode, the user can select the compliance by selection the check box on screen.

  • Click on the Configuration Wizard Mode

  • Below GDPR/PII has been selected as a compliance tag. Click Next.

Keep clicking on Next if you only want to change compliance tags. The Last step of the wizard is displayed below.

Click Finish and following message will be displayed

To verify the Configuration, open a word document, click on the Getvisibility icon on the top-right of the ribbon. The user will be able to see the selected tags.

Classification

Data classification is broadly defined as the process of organising data by relevant categories so that it may be used and protected more efficiently. On a basic level, the classification process makes data easier to locate and retrieve. By default, the classification is Public, Internal and Confidential.

Expert Mode

Using Expert Mode, the user can add classification tags by making changes in the JSON file on the agent itself. One can add custom classification or any of the standard classification.

  • Click on the Expert Mode

  • Scroll down to the classification section

  • Add the values.

    • It can be seen below that CustomClassification has been added in expert mode as an example.

  • Click on the Finish Button

‘Configuration saved successfully’ message will be displayed on the screen along with the OK button.

  • Click on the OK button and the user if returned to the main GV agent configuration page.

  • To verify the Configuration, open a word document, click on the GV icon on the top right of ribbon and the user will be able to see the custom tags.

Wizard Mode

Using the Wizard mode, the user can select the classification by selecting the radio button on screen.

  • Click on the Configuration Wizard Mode

  • As seen below I have selected only Commercial Option as my classification and click Next.

Keep clicking on Next if you only want to change compliance and on the Last step of the wizard the agent will display as below.

Click Finish and following message will be displayed

To verify the Configuration, open a word document, click on the GV icon on the top right of ribbon and the user will be able to see the selected tags.

MS Office Plugins

This functionality will allow the user to select which MS Office application the configuration will be applicable to.

Expert Mode

Using the Expert mode, the user can enable/disable the Office Plugins by making changes in the Jason file on the agent itself.

  • Click on the Expert Mode

  • Scroll down to the Office Configuration section

  • Add the values.

    • It can be seen below that wordPluginActive is set to FALSE in expert mode as an example.

  • Click on the Finish Button

To verify the Configuration, open a word document, user will see that the GV icon on the top right is disabled, and user will not be able to click it.

Wizard Mode

Using the Wizard mode, the user can select the which application the configuration will be applicable to by selecting the check box on screen.

  • Click on the Configuration Wizard Mode

  • As seen below I have selected only Word Plugin as my option and click Next.

Keep clicking on Next if you only want to change compliance and on the Last step of the wizard the agent will display as below.

  • Click Finish and the settings will be applied.

  • To verify the Configuration, open a word document, and the user should be able to view the GV icon and if the user clicks on the icon the compliance and classifications box should be displayed.

To verify the Configuration, open a excel document, user will see that the GV icon on the top right is disabled, and user will not be able to click it

MS Office Policies & Visual Tagging

This functionality will allow the user to set various polies that the user would like to enforce on documents in MS Office applications.

Expert Mode

Using the Expert mode, the user can enable/disable the policies related to office by making changes in the Jason file on the agent itself.

  • Click on the Expert Mode

  • Scroll down to the OfficeConfiguration section

  • The polies that we can set are as below:

    • Header: - This will add a Header to the document. User can leave it empty or customize it as needed

    • Footer: - This will add a Footer to the document. User can leave it empty or customize it as needed

    • Watermark: - This will add a Watermark to the document. User can leave it empty or customize it as needed

    • TagBeforePrint: - Using this option you can Force, Warn or Log & Ignore the user to classify any document before printing.

    • TagDirtyBufferOnSave: - Using this option you can Force, Warn or Log & Ignore the user to classify any document before saving

    • AllowDescalation: - This option allows the user to lower classification level of a classified document.

    • ExcelTextForwardingActive: This is a scraping feature, it tells the plugin to scrape the text from within the app like Word or Excel and then forward it to the classifier for a suggestion, user can enable or disable this feature using True or False.

    • PowerpointSubtitle:- This will add a Subtitle to the PowerPoint. User can leave it empty or customize it as needed

    • PowerpointTitle:- This will add a Subtitle to the PowerPoint. User can leave it empty or customize it as needed

  • Example of Config is as below:

OfficeConfiguration :-

"header": "<span>Classified as {classification} by Ashima&reg;</span>",

"footer": "",

"watermark": "",

"tagDirtyBuffersOnSave": "force",

"tagBeforePrint": "ignore",

"allowDeEscalation": false,

"excelTextForwardingActive": false,

"powerpointSubtitle": "<span style = \"color:#556b2f;\"><strong>{classification}/{distribution}</strong></span>",

"powerpointTitle": ""

  • Click on the Finish Button

  • Verify the documents based on the config above

  • As per the config user should be able to see the header and the footer, watermark should be blank as displayed below.

If the user has manually edited the header or footer and then changed the classification of the document the agent will show a dialog box showing the notification for placing the new location of the classification like below:

The user selected Header Corner and as seen below the classification is placed in the corner without overriding the original header.

As tagDirtyBuffersOnSave = Force, the user cannot save the document without classifying it. The option to Dismiss the notification is disabled which will be enabled when the tagDirtyBuffersOnSave = Warn.

As tagBeforePrint = Warn the option to Dismiss the notification is enabled which will be disabled when the tagBeforePrint = Force and there will be no notification the tagBeforePrint = Log & Ignore.

As allowDeEscalation = False, the user will not be allowed to lower the level of classification on the document and all the lower classification options will be disabled:

  • As excelTextForwardingActive = False, text from the MS office app will not be sent to classifier for suggestions.

  • The PowerPoint Subtitle is be displayed and the Title is blank as per the config set above.

Wizard Mode

Using the Wizard mode, the user can enable/disable the policies related to MS office by making changes in the on the screen directly.

  • Click on the Configuration Wizard Mode

  • Navigate to Word, Excel, PowerPoint Policies

Keep clicking on Next if you only want to change compliance and on the Last step of the wizard the agent will display as below.

  • Click Finish and the settings will be applied.

  • Verify the documents based on the selection above

  • As per the selection user should be able to see the header and the footer, watermark should be blank as displayed below.

As user selected Force option, the user cannot save the document without classifying it. The option to Dismiss the notification is disabled which will be enabled when the user selects Warn

As User selected Warn option, the user can Dismiss the notification while printing which will be disabled when the user selects Force and there will be no notification for the Log & Ignore.

The user had not Checked the option where he can lower the classification so the he will not be allowed to lower the level of classification on the document and all the lower classification options will be disabled:

Outlook Plugins

This functionality will allow the user to select Outlook application to set the configuration.

Expert Mode

Using the Expert mode, the user can enable/disable the Outlook Plugins by making changes in the Json file on the agent itself.

  • Click on the Expert Mode

  • Scroll down to the OutlookConfiguration section

  • Add the values.

    • It can be seen below that OutlookPluginActive is set to True in expert mode as an example.

  • Click on the Finish Button

  • Configuration saved successfully’ message will be displayed on the screen along with the OK button.

  • To verify the Configuration, open Outlook, user will see that the GV icon on the top right is enabled, and user will be able to click it and classify the email, if the OutlookPluginActive = false the same icon will be disabled.

Wizard Mode

Using the Wizard mode, the user can enable/disable the Outlook Plugins by making changes in the agent screen.

  • Click on the Configuration Wizard Mode

  • There is total 12 steps in Wizard and Outlook Plugin is on the third step.

  • As seen below I have selected Outlook as my option and click Next.

Keep clicking on Next if you only want to change compliance and on the Last step of the wizard the agent will display as below.

  • Click Finish and the settings will be applied.

  • To verify the Configuration, open a word document, and the user should be able to view the GV icon and if the user clicks on the icon the compliance and classifications box should be displayed.

Outlook Policies & Visual Tagging

This functionality will allow the user to set various polies that the user would like to enforce on documents when using Outlook.

Expert Mode

Using the Expert mode, the user can enable/disable the policies related to office by making changes in the Jason file on the agent itself.

  • Click on the Expert Mode

  • Scroll down to the OutlookConfiguration section

  • The polies that we can set are as below:

    • Header: - This will add a Header to the email. User can leave it empty or customize it as needed

    • Footer: - This will add a Footer to the email. User can leave it empty or customize it as needed

    • TagOnPrint: - Using this option you can Force, Warn or Log & Ignore the user to classify any modified email before printing.

    • TagOnSend: - Using this option you can Force, Warn or Log & Ignore the user to classify any modified email before sending

    • allowUnclassifiedAttachments - Using this option you can Block, Warn or Log & Allow the user to send unclassified attachments in email.

    • minAttachmentsTag - This option will allow the user to Inherit minimal classification from classified attachment to the email.

    • allowDescalation: - This option allows the user to lower classification level of a classified email.

    • autoClassifyReplyForwardEmails - This option allows the user to inherit the classification when replying or forwarding an email.

Example of Config is as below:

"outlookPluginActive": true,

"header": "<h2 style=\"font-style:italic\"><span style=\"font- size:14px\">Classified as {classification} by Getvisibility&reg; Ashima</span></h2>",

"footer": "",

"tagOnSend": "force",

"tagOnPrint": "force",

"allowUnclassifiedAttachments": "block",

"minAttachmentsTag": "block",

"allowDeEscalation": true,

"autoClassifyReplyForwardEmails": true,

  • Click on the Finish Button

  • Verify the documents based on the config above

  • As per the config user should be able to see the header and the footer should be blank as displayed below.

If the user changes the config and footer is added the config and the outlook will look as below:

"header": "<span style=\"color:#008004;\"><h2 style=\"font-style:italic\"><span style=\"font-size:14px\">Classified as {classification} by Getvisibility&reg; Ashima</span></h2></span>",

"footer": "<span style=\"color:#008004;\"><span><strong>Classified as {classification} by Getvisibility&reg; Adding Footer</strong></span></span>"

As tagOnSend = force, the user cannot send the email without classifying it. The option to Dismiss is to keep editing the email and OK is to classify the email.

  • As tagOnSend = Warn, the user will be able to send the email without classifying it. The option to Dismiss is to send the email and OK is to classify the email.

  • And if the tagOnSend = Log&Ignore then no notification will be displayed.

As tagOnPrint = force, the user cannot print the email without classifying it. The option to Dismiss is to keep editing the email and OK is to classify the email.

  • If tagOnPrint = Warn, the user will be able to send the email without classifying it. The option to Dismiss is to send the email and OK is to classify the email.

  • And if the tagOnPrint = Log&Ignore then no notification will be displayed.

  • allowUnclassifiedAttachments = Block, the user cannot send the any attachment in the email without classifying it.

  • allowUnclassifiedAttachments = Warn, the user will be able send the attachment in the email without classifying it but the agent will give a warning like shown below.

  • allowUnclassifiedAttachments = Log&Allow, the user will be able send the attachment in the email without classifying without any warning.

minAttachmentsTag = Block, in this case the attachment is highly confidential, and the email is on lower level of classification, so the agent will not allow to send the email. The user will have to change the classification of either the attachment or the email, else will not be able to send the email.

minAttachmentsTag = Warn, in this case the attachment is highly confidential, and the email is on lower level of classification, so the agent will only warn the user, but the user will still be able to send the email.

  • minAttachmentsTag = Log&Allow, the user will be able send any attachment in the email without any warning.

  • allowDeEscalation = False, the user will not be allowed to lower the level of classification on the document and all the lower classification options will be disabled.

autoClassifyReplyForwardEmails = False, the user has the option to set the classification for the forwarding/reply email and as seen below the original email is classified as internal but that is not inherited to while forward/reply email.

autoClassifyReplyForwardEmails = True, As seen below while forwarding the email, it has inherited the classification from the original email.

Wizard Mode

Using the Wizard mode, the user can enable/disable the policies related to Outlook by making changes in the on the screen directly.

  • Click on the Configuration Wizard Mode

  • There is total 12 steps in Wizard and Outlook polices starts from 6th step.

  • Below we will see the settings on the wizard and the result for the same.

  • The Header is selected on the wizard and footer is left blank

Verify the setting on outlook we can see the header but the not the footer.

If the user changes the setting and footer is added the config and the wizard and outlook will look as below:

Moving on to set the Outlook polices, the user has selected Force to classify and send the email, user cannot send the email without classifying it. The option to Dismiss is to keep editing the email and OK is to classify the email.

If the user Changes it to Warn to classify and send the email, user will be able send the email without classifying it but with a warning. The option to Dismiss is to send the email and OK is to classify the email.

The last option is of Log & ignore where user can send the email without classification and without any warning.

As the user has selected Force to classify and print the email, user cannot print the email without classifying it. The option to Dismiss is to keep editing the email and OK is to classify the email.

The other two options are Warn, Log&Ignore where the user will be able to print the email without classifying it. The option to Dismiss is to print the email and OK is to classify the email. And with the Lo&Ignore there will be no warning at all.

As user has selected Block, the user cannot send the any attachment in the email without classifying it.

The other two options are Warn where the user will be able send the attachment in the email without classifying it but the agent will give a warning like shown below and Log&Allow where the user will be able send the attachment in the email without classifying and without any warning.

The user has selected Block for the 4th option, in this case the attachment is highly confidential, and the email is on lower level of classification, so the agent will not allow to send the email. The user will have to change the classification of either the attachment or the email, else will not be able to send the email as shown in the screen shot.

If user has selects Warn, in this case the attachment is highly confidential, and the email is on lower level of classification, so the agent will only warn the user, but the user will still be able to send the email.

  • The final option here also is Log&Allow, where the user will be able send any attachment in the email without any warning.

  • The checkbox User lowers classification level of a classified email in unchecked, the user will not be allowed to lower the level of classification on the document and all the lower classification options will be disabled.

The checkbox Inherit classification when Reply and Forward emails in unchecked, the user has the option to set the classification for the forwarding/reply email and as seen below the original email is classified as internal but that is not inherited to while forward/reply email.

The checkbox Inherit classification when Reply and Forward emails in checked, As seen below while forwarding the email, it has inherited the classification from the original email.

Configure Emails

Expert Mode

Using the Expert mode, the user can enable/disable default policies related to email by making changes in the Jason file on the agent itself.

  • Click on the Expert Mode

  • Scroll down to the configurationOverrides section

  • The polies that we can set are as below:

    • Classification: - Here the user can select which type of email he wants to configure. The options are Public/Internal/Confidential/Highly Confidential

    • DefaultEmailPolicy: - Here the user can set if he wants to Block/Allow/Warn about the email.

    • BlockList: - The agent gives the option to create a blocklist of specific recipients. User will just have to add the email id of recipient in the list.

    • WarnList: - The agent gives the option to create a warnlist of specific recipients. User will just have to add the email id of recipient in the list.

    • AllowList: - The agent gives the option to create an allowlist of specific recipients. User will just have to add the email id of recipient in the list.

  • Sample config file is as below:

"configurationOverrides": [

"classification": "Public"

"defaultEmailPolicy": "block",

"blockList": [],

"warnList": ["aagarwal@getvisibility.com],

"allowList": []

  • The above configuration says that for Public type emails are blocked for sending, except for the recipient aagarwal@getvisibility.com, whom the email can be sent but with a warning message.

  • Validating the configuration as below. Since all the Public emails are blocked from sending and the recipient lab user is not on the Allow or Warn list the email can be sent.

If we change the recipient to aagarwal@getvisibility.com, agent will give only a warning as the recipient was in the warn list, but the email can still be sent.

Wizard Mode

Using the Wizard mode, the user can enable/disable the policies related to Outlook by making changes in the on the screen directly.

  • Click on the Configuration Wizard Mode

  • There is total 12 steps in Wizard and Outlook polices starts from 8th step.

  • As shown below the Public emails are by default set to Block but 1 recipient is allowed to send the email with a warning.

Validating the configuration as below. Since all the Public emails are blocked from sending and the recipient lab user is not on the Allow or Warn list the email can be sent.

If we change the recipient to aagarwal@getvisibility.com, agent will give only a warning as the recipient was in the warn list, but the email can still be sent.

The same settings can be done for Internal/Confidential/Highly Confidential emails as well with one additional option to copy the configuration from the previous classification.

Generic Settings

WriteMetadataTags :-

This property will capture the details about the agent in office applications. The below screenshot is from the config file.

In the MS Word the details can be seen as below:

SelectableByWhitelist:

Based on the distribution list, the email addressed in this list will be the once that the outlook plugin will allow sending emails to.

AllowInternalToExternal:

Based on the distribution list, this property allows to share a file in outlook irrespective of the distribution value.

MaxNumberOfRecipients:

This property allows to set the maximum number of people the user wants to send the email to.

SuggestionOptions:

This tag will allow the user to configure the options user want to show while showing the suggestion box on Ms office or Outlook.

AgentDialogConfiguration

This tag will allow the user to customize the options user want to show while show like compliance, classification etc.

DistributionTags:

Additional feature to classify the documents/emails. Few examples are: Internal/Restricted/ External/Limited

AutoLabelling

This optional feature allows to automatically classify with a default label all newly created docs in Word, Excel,Powerpoint and Outlook emails. It is possible to individually set the default label for each plugin individually. User will be able to select the classification label that he wants to apply to documents and email and when there is edit or change in the file and the file is saved the selected classification will be applied. Setting Autolabelling will allow the user to not to classify the documents every time the file is printed or saved, the classification will happen automatically.

Expert Mode:

The property used in Expert Mode are: defaultClassificationValue. We can see below that the defaultClassificationValue is set for Outlook, Word,Excel and PoperPoint.

Wizard Mode for Word, Excel and PowerPoint:

Wizard Mode for Outlook:

Caution

While using the expert mode the user has to be extra careful about the small details like punctuations and formatting of the file, else the agent will through and error like below.

Reports

There are two reports related to Synergy as shown below:

Agent Activity Report

For users of Getvisibility Synergy that want an overview of the users' events using GVClient agents in MS Office and Outlook. Extensive tables detailing classification and email events are provided.

Agent Incident Report

For users of Getvisibility Synergy, this report gives an overview of the security related activity undertaken by users of GVClient agents. It visualises data such as: de-escalations, mis-classifications, and confidential data in infographic form to give organisation’s a quick understanding of the data their users are passing through their network.

Agent Management

Agent Management gives the user a high-level status of all the agents installed. Details like Name of agent, the IP address and When was the agent last seen is shown on this dashboard. User can also see if the agent is Online or not. The facility to filter the agent based on Name, Health and State also is provided.

Administration

Pattern Matching

Using Pattern Matching UI you can view, save, create and edit regex pattern, then the backend will process it and agent give suggestions based on the regex created.

Click on the Add New Button to create a new Regex pattern, a new window will open to enter the regex pattern

Add a new regex pattern, we are creating a regex for Student ID which is made of 7 digits and 2 letters

The tags and be added for the new regex as shown below and click on Create

As you can see the new pattern in created but right now it is unpublished

User also has the option to Edit/Delete the regex patten

After clicking on Publish, the classification services starts so that the backend can process the new regex pattern

User can see the confirmation message for published changes:

Once the changes are published wait for few minutes, then open the document and enter the regex pattern you had created, in this example we had created for 7 digits and 2 letters.

As you can see below we have entered the student ID as per the regex and we can see the agent giving us the suggestion that is is GDPR/PII:100% and Classification as Confidential.

User can then select on Use Suggested; GDPR/PII and Confidential will get selected and the documents will be classified.

User also has the option to ignore the suggestion and use any other values to classify.

User Management

Using the user management users will be able to create new users to access the application. There are 2 ways to create new users:

Using the portal

Click on the User Management option of the portal

User will be asked to login into keycloak portal (Credentials will be shared separately)

Navigate to the User Section and click on the Add User Button

Click on the Save:

Click in credentials user will be able to set the password for the new login, using this method we can create a new user or view the existing users.

Using LDAP method

For the LDAP method please refer the below document for details:

 Click here to expand...
Unable to render {include} The included page could not be found.

End of Document

  • No labels

Classified as Getvisibility - Partner/Customer Confidential