Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 36 Next »

Contents

Synergy

This document has two major sections

  • Agent

    • Agent Configuration

    • Agent Management

    • Reports

  • Administration

    • Pattern Matching

    • User Management

Agent

Deployment

Please refer the document attached below for deployment steps

Unable to render {include} The included page could not be found.

Configuration best practices

Please see the below document for best practices:

Contents

Introduction to Getvisibility Synergy Pro

Overview

With state-of-the-art machine learning algorithms, Getvisibility combines natural language processing with neural networks. This allows us to classify unstructured data across organisations with unparalleled accuracy and speed.

Using machine learning rather than traditional pattern matching (regular expressions) and dictionary lookup methods allows Getvisibility to understand the context of a document, thereby increasing accuracy. As the neural network does most of the work, organisations no longer must embark on the laborious and expensive task of creating rules and regex hits per department and document type. Getvisibility’s customisable tag set enables users to apply company-specific classification to their unstructured data, which the neural network learns with increasing accuracy. Training of the neural network can be done through our user-friendly interface, eliminating the need for the highly qualified engineers and data scientists associated with traditional methods.

The Getvisibility classification tool is built on sophisticated machine learning algorithms to enable organizations to discover, classify and secure their most sensitive data. The Getvisibility platform combines smart agent technology and machine learning to provide a uniquely powerful solution for data classification and tagging. This is the first solution to enable automated, historical and manual classification with one deployment. This is unique but it also has a very significant value dramatically improving the quality of the manual classification process by leveraging the advanced AI model and understanding of historically created data.

Data Classification Overview

Data classification is a foundational step in cybersecurity threat management. It entails identifying what information is being processed and saved in various data systems. Additionally, it involves deciding the sensitivity of this information and the probable impact should the information confront compromise, loss, or abuse. To ensure successful threat management, organisations must aim to categorise data by working backwards in the contextual usage of their information. The must also generate a categorisation scheme that takes into consideration whether a specified use-case contributes to significant impact to a company's operations (e.g. if information remains confidential, must have ethics, and/or be accessible).

Data Classification Value

Data classification has been used for decades to help businesses make determinations for protecting sensitive or critical data with proper levels of protection. Irrespective of whether the information is stored or processed on-premise or in the cloud, data classification is a beginning point for determining the right amount of controls to the confidentiality, integrity, and accessibility of information based on danger to your business. Data classification permits organisations to assess data based on sensitivity and business effect. This helps the organisation evaluate risks related to various kinds of information. Each information classification level should be related to a recommended baseline set of safety controls that offer security against vulnerabilities, threats, and risks connected with the designated protection degree.

It's essential to be aware of the dangers of over classifying data. Occasionally, organisations may widely misclassify large sets of information by assigning the data with the highest or top classification level. This over-classification can incur unnecessary costs by introducing too many expensive security controls, affecting business operations. This strategy may also divert focus on less crucial datasets and restrict business use of their data via unnecessary compliance demands as a result of over classification.

Getvisibility Products

Getvisibility Synergy Pro & Synergy

The Getvisibility Synergy Pro and Synergy are designed to help your organisation classify and project your data in use, new data and data in motion. The solution works for in-cloud and on-prem applications.

Getvisibility Focus enables automated, accurate and timely legacy data discovery and classification of both new and legacy data. The get visibility solution gives organisations an overview of all their data, tailored to how they want that data to be displayed and monitored.

Getvisibility offers contextual classification, empowering the data with appropriate metadata and enhancing the usage of that data throughout the organisation.

Components

  • Data classification levels (levels, descriptions, data examples)

  • Risks

  • Data Access and Control

  • Transmission

  • Storage

  • Documented Backup and Recovery Procedures

  • Documented Data Retention Policy

  • Audit Controls

Typical levels

  • Public

  • Internal

  • Restricted or Sensitive

  • Confidential

  • Regulated or Protected (Optional)

Data Classification Typical Levels

Public

Such data is available for anyone to see, for example:

  • Brochures

  • White paper/Public Standard

Internal

Such data is generally available to all staff and students, for example:

  • Internal correspondence

  • Committee papers, meeting minutes

  • Internal policies and procedures

Restricted or Sensitive

Accessible by restricted members of staff or students on a need to know basis. Often containing sensitive personal data. Loss of such data results in legal action, reputational damage or financial loss.
Examples:

  • Personal/Employee Data

  • Business/Financial Data

  • Academic/Research Information (i.e. unpublished, or confidential research, or funding information)

Confidential

Accessible only to designated or relevant members of staff due to its potential impact on the organisation that could result in legal action, reputational damage or financial loss.
Examples:

  • Payrolls, salaries info

  • HR personnel records

  • Credit card and financial account information

  • Internal investigation information

  • Intellectual property

  • All legal and attorney-client communications

  • Medical records

  • Detailed budgets or financial reports

Protected or Regulated

This is a special category to represent multiple regulations, for example as HIPAA or ITAR. Loss of such data results in a major legal action and a massive financial loss. Protection of such information is required by law/regulation or required by the government to self-report.
Examples:

  • Sensitive personal data (Physical or mental health, Criminal convictions, etc)

  • Medical Research (HIPAA)

  • Academic research regulated by Export Controls (ITAR/EAR) export-related security controls on information that is subject to a Technology Control Plan

  • Student information classified under FERPA

  • Credit card information covered by PCI-DSS rules

  • Court or national security orders that prohibit disclosure (e.g., subpoenas, National Security Letters)

Data Access and Control

Classification

Public

Internal

Restricted or Sensitive

Confidential

Regulated or Protected

Access

No restrictions

Only staff and non-employees based on their duties

Only designated individuals with approved access and who is entitled to use it.

Only designated individuals with approved access.

Dissemination is strictly

limited to authorised

personnel only.

Only a few individual users being entitled to see or use the data. Dissemination is strictly

limited to authorised

personnel only.

Transmission

No restrictions

Information may be placed

in shared folders, company managed cloud storages and sent

via internal email.

Should only be shared in folders

with restricted access or transmitted securely via a protected electronic messaging system (e-mail, etc)

Should only be transmitted

electronically with acceptably encrypted

format and/or within a dissemination list.

Should only be transmitted

electronically with acceptably encrypted

format and/or within a dissemination list.

Storage

No restrictions

Information should be stored in shared folders and in company managed cloud storages.

Should only be held in folders

with restricted access.

Information should be held

only in restricted areas of the organisations network.

Information should be held

only in restricted areas of the organisations network.

Data Storage Example of a Guide

Service

Public

Internal

Restricted or Sensitive

Confidential

Regulated or Protected

Default Home (Z:) Drive

Confluence/Wiki

Email

Sharepoint

Full Disk Encrypted Systems

Unencrypted Workstations

Enterprise Office 365

Data Backup

Classification

Public

Internal

Restricted or Sensitive

Confidential

Regulated or Protected

Backup

Encouraged

Encouraged

Required (should be required by an internal policy)

Required (should be required by an internal policy)

Required (required by a regulation)

Data Retention

Classification

Public

Internal

Restricted or Sensitive

Confidential

Regulated or Protected

Retention

Encouraged

Encouraged

Required (should be required by an internal policy)

Required (should be required by an internal policy)

Required (required by a regulation)

Audit Controls

Classification

Public

Internal

Restricted or Sensitive

Confidential

Regulated or Protected

Audit controls

Not required

Encouraged

An organisation must actively monitor and review their systems and procedures for potential misuse and/or unauthorized access.

An organisation must actively monitor and review their systems and procedures for potential misuse and/or unauthorized access.

An organisation must actively monitor and review their systems and procedures for potential misuse and/or unauthorized access.

Sample flowchart for determining Data Classification

Best Practices for Configuration Wizard

a. Configure Compliance screen with the required Compliance standards:

Getvisibility comes with out of the box compliance standards shown in the agent.

Organisations can customize the classification options which appear on the end-user agent to align with internal policies or already implemented data loss prevention solutions. This is an optional feature, if you do not wish to show compliance standards in the agent, simply tick the ‘Disable Compliance’ option

b. Classification TAGS: Which classification tags will the end user be able to view & select?

c. Which Plugins will be active for the end-user?

d. Enforcement rule related to MS WORD, MS EXCEL, and MS POWERPOINT

Enforcement rules determine the necessity for end-users to classify a document before saving or printing. The enforcement options available are:

1. Enforce (or Force)

2. Warn

3. Log & Ignore

Please review all available options in dropdown (like Force, Warn and Log & Ignore),

Keep the checkbox of “User lowers classification level of a classified document” un-checked - This will not allow the end-user to later lower the classification of the document after saving.

e. Visual Tagging and Labeling for MS WORD, MS POWERPOINT and MS EXCEL

Visual labeling refers to the visual changes made to a document once classified. This includes customized:

1. Headers (You can change the text to Forcepoint {classification})

2. Footers: (You can change the text to Forcepoint {classification})

3. Watermarking: (You can change the text to (<span>Forcepoint {classification}</span>))

f. Outlook Policies

The Getvisibility Synergy Pro will sit within the ribbon of your Microsoft Outlook application. Organizations can configure how they want this agent to work within their application, customizing enforcement rules and visual markings. You will also notice an option ‘Inherit minimal classification from classified attachment’. This means for example, that if an attached document is classified as Internal, the end-user may classify the email as Internal or Confidential but not as Public.

Same like above for MS Word, Excel and Powerpoint, we follow Enforcement and Visual tagging rule for MS Outlook now

Enforcement Rules

Enforcement rules determine the necessity for end-users to classify an email before sending or printing. The enforcement options available are:

1. Enforce

2. Warn

3. Log & Ignore

g. Outlook Visual Tagging

Visual labeling refers to the visual changes made to an email once classified. This includes customized:

1. Headers: (You can change the text to Forcepoint {classification} or anything of your choice)

2. Footers: (You can change the text to Forcepoint {classification} or anything of your choice)

h. Sharing restrictions: Configure PUBLIC emails

Sharing restrictions can be configured through the wizard and enforced through Outlook. Sharing rules are configured depending on the classification level of the email.

This enforces sharing rules for end-users, depending on the classification level of the email. These options are

1. Allow

2. Warn

3. Block

Exceptions

This is an optional feature which allows administrators to create a whitelist of email addresses that will be exempt from the sharing restrictions enforced above. This is a useful feature in ensuring restrictions do not negatively impact daily operations, while still maintaining a least privileges approach to data sharing.

i. Configure INTERNAL Emails

Select the BLOCK option and create an exception for the internal domain under “Allowed” emails. You can add any internal domain like “forcepoint.com” or “forcegv.com”

j. Configure CONFIDENTIAL email

For this LAB purpose will select WARN option and create exception for Internal domains under “Allowed” emails and for non-trusted domain (like gmail.com) under blocked emails

You can add “forcepoint.com” and “forcegv.com” under allowed emails list

You can add “gmail.com” under blocked email list

The expected behavior for this rule would be

Always “WARN” user when a CONFIDENTIAL classified email is sent out, except allow when CONFIDENTIAL email is sent to Forcepont.com & Block when CONFIDENTIAL classified email is sent to “Gmail.com”

k. Click NEXT and FINISH

l. Click RESTART

Agent Configuration

Login into system and navigate to the agent configuration

Login into the Getvisibilityapplication using the credentials given to you

The agent configuration page will be opened by default.

The dashboard UI offers a wizard to set/update an agent configuration. There are three possible ways to setup the configuration:

Configuration Import Mode: Using this mode, the user can upload an existing configuration from local files. Please note that only JSON format is accepted. A validity check will be done, and an error message is shown in case the file does not have valid JSON content. This mode is usually used by Getvisibility professional services as a part of their personalisation work.

Expert Mode: This mode is useful when the user wants to manually edit the agent configuration at their own risk. Like the previous mode, if the content is not a valid JSON or is not a valid agent configuration structure, a list of errors will be displayed to the user.

Configuration Wizard Mode: This mode is the easiest to use and guides the user through configuring the rules and uses for the agents. When the user chooses this mode, they will be guided through a few steps to set agent configuration fields one by one.

The three configuration modes are displayed as below:

The first option of Configuration Import can be used by simply uploading the config file. Select the Configuration Import option and the dialog box will open where the user must select a JSON file.

The configuration will be uploaded. When the user Selects Finish the new config will be saved

In the below section we will go through the various configurable options that can be applied to the agent using both Expert mode and Wizard mode:

Compliance

Compliance is the act of conforming to a company directive, rule, policy, or standard or law. Some common compliance regulations and labels are: GDPR, PII, HIPAA, PHI, PCI. Getvisbility agent gives the user two options to customise and configure compliance as per their requirements.

Expert Mode

Using Expert Mode, the user can add compliance tags by making changes in the agent configuration JSON file. One can add custom compliance or any of the standard compliance tags.

  • Select Expert Mode

  • Scroll down to the compliance section

  • Add the values

    • It can be seen below that EAR/US and CustomCompliaceExample have been added

  • Select Finish

‘Configuration saved successfully’ message will be displayed on the screen along with the OK button.

  • Select the OK button and the user is returned to the main Getvisibility agent configuration page.

  • To verify the Configuration, open a word document, Select the Getvisibility icon in the top-right of the ribbon. The user will be able to see the custom tags.

Wizard Mode

Using Wizard Mode, the user can select the compliance tags selecting the check box on screen.

  • Select Configuration Wizard Mode

  • Below, GDPR/PII has been selected as a compliance tag. Select Next.

Keep Selecting Next to only change the compliance tags. The Last step of the wizard is displayed below.

Select Finish and following message will be displayed

To verify the Configuration, open a Word document, Select the Getvisibility icon on the top-right of the ribbon. The user will be able to see the selected tags.

Classification

Data classification is broadly defined as the process of organising data by relevant categories so that it may be used and protected more efficiently. On a basic level, the classification process makes data easier to locate and retrieve. By default, the Getvisibility classification is Public, Internal and Confidential.

Expert Mode

Using Expert Mode, the user can add compliance tags by making changes in the agent configuration JSON file. One can add custom compliance or any of the standard compliance tags.

  • Select Expert Mode

  • Scroll down to the classification section

  • Add the values.

    • It can be seen below that CustomClassification has been added in Expert Mode

  • Select the Finish button

‘Configuration saved successfully’ message will be displayed on the screen along with the OK button.

  • Select the OK button.The user is returned to the main Getvisibility agent configuration page.

  • To verify the Configuration, open a Word document, Select the Getvisibility icon on the top-right of the ribbon. The user will be able to see the custom tags.

Wizard Mode

The user can select the classification by selecting the radio button on screen.

  • Select the Configuration Wizard Mode

  • The user has selected Commercial Option as classification

  • Select Next.

Keep Selecting Next to only change the compliance tags.The Last step of the wizard the agent will be displayed.

Select Finish and following message will be displayed

To verify the Configuration, open a Word document, Select the Getvisibility icon on the top-right of the ribbon. The user will be able to see the selected tags.

MS Office Plugins

This functionality will allow the user to select which MS Office application the configuration will be applicable to.

Expert Mode

Using Expert mode, the user can enable/disable the Office Plugins by making changes the agent configuration JSON file.

  • Select Expert Mode

  • Scroll down to the Office Configuration section

  • Add the values.

    • It can be seen below that wordPluginActive is set to FALSE

  • Select the Finish button

To verify the Configuration, open a Word document, the user will see that the Getvisibility icon on the top-right is disabled. The user will not be able to Select it.

Wizard Mode

Using Wizard Mode, the user can select the which application the configuration will be applicable to by selecting the check-box on screen.

  • Select Configuration Wizard Mode

  • As seen below, the user has selected only Word Plugin as the option. Select Next.

Keep Selecting Next to only change the compliance tags. The Last step of the wizard the agent will display:

  • Select Finish and the settings will be applied

  • To verify the Configuration, open a Word document. The user will be able to view the Getvisibility icon and if they select on the icon the compliance and classifications box will be displayed

To verify the Configuration, open a Excel document, user will see that the Getvisibility icon on the top-right is disabled, and user will not be able to Select it

MS Office Policies & Visual Tagging

This functionality allows the user to set various policies to enforce on documents in MS Office applications.

Expert Mode

Using Expert mode, the user can enable/disable the policies related to MS Office by making changes agent configuration JSON file.

  • Select Expert Mode

  • Scroll down to the OfficeConfiguration section

  • The available policies:

    • Header: - This will add a Header to the document. The user can leave it empty or customise it as needed

    • Footer: - This will add a Footer to the document. The user can leave it empty or customise it as needed

    • Watermark: - This will add a Watermark to the document. The user can leave it empty or customise it as needed

    • TagBeforePrint: - This option will Force, Warn or Log & Ignore (allow) the user to classify any document before printing

    • TagDirtyBufferOnSave: - This option will Force, Warn or Log & Ignore (allow) the user to classify any document before saving

    • AllowDescalation: - This option allows the user to lower the classification level of a classified document.

    • ExcelTextForwardingActive: This is a scraping feature, it tells the plugin to scrape the text from within an app like Word or Excel and then forward it to the classifier for a suggestion. This option can be set using True or False.

    • PowerpointSubtitle:- This will add a Subtitle to the PowerPoint. This policy is optional.

    • PowerpointTitle:- This will add a title to the PowerPoint. This policy is optional.

  • Example of Config:

OfficeConfiguration :- 

"header": "<span>Classified as {classification} by Getvisibility&reg;</span>",

      "footer": "",

      "watermark": "",

      "tagDirtyBuffersOnSave": "force",

      "tagBeforePrint": "ignore",

      "allowDeEscalation": false,

      "excelTextForwardingActive": false,

  • Select the Finish button

  • Verify the documents based on the config above

  • As per the config the user should be able to see the header and footer. The watermark should be blank.

If the user has manually edited the header or footer and then changed the classification of the document the agent will show a dialog box showing a notification for placing the new location of the classification.

Header Corner has been selected and the classification is placed in the corner without overriding the original header.

As tagDirtyBuffersOnSave = Force is configured, the user cannot save the document without classifying it. The option to Dismiss the notification is disabled which will be enabled when tagDirtyBuffersOnSave = Warn is used.

As tagBeforePrint = Warnis configured, the option to Dismiss the notification is enabled which will be disabled when the tagBeforePrint = Force is used. There will be no notification when tagBeforePrint = Log & Ignore is used.

As allowDeEscalation = False is configured, the user will not be allowed to lower the level of classification on the document and all the lower classification options will be disabled:

  • As excelTextForwardingActive = Falseis configured, text from the MS Office app will not be sent to classifier for suggestions.

Wizard Mode

Using Wizard Mode, the user can easily enable/disable the policies related to MS office.

  • Select Configuration Wizard Mode

  • Navigate to Word, Excel, PowerPoint Policies

Keep Selecting Next to only change the compliance tags. Last step of the wizard the agent will display:

  • Select Finish and the settings will be applied.

  • Verify the documents based on the selection above

  • The user should be able to see the header and footer, the watermark should be blank:

The Force option has been selected. The user cannot save the document without classifying it. The option to Dismiss the notification is disabled which will be enabled when the user selects Warn.

Warn option has been selected,user can Dismiss the notification before printing. This will be disabled when the user selects Force. There will be no notification for the Log & Ignore.

The lower classification option has not been selected. So user is not allowed to lower the level of classification on the document and all the lower classification options are disabled:

Outlook Plugins

This functionality will allow users to configure Outlook classification plugin.

Expert Mode

Using Expert mode, users can enable/disable Outlook Plugins by editing the agent configuration JSON.

  • Select Expert Mode

  • Scroll down to OutlookConfiguration section

  • Add values

    • OutlookPluginActive is set to True in the example

  • Select the Finish button

  • 'Configuration saved successfully’ message will be displayed on screen along with the OK button.

  • To verify the Configuration, open Outlook, the user will see the Getvisibility icon on the top-right is enabled. The user will be able to Select it and classify the email, ifOutlookPluginActive = false is configured the icon will be disabled.

Wizard Mode

Using Wizard Mode, the user can enable/disable Outlook Plugins by making changes in the Focus UI

  • Select Configuration Wizard Mode

  • There are total of 12 steps in the Wizard and Outlook Plugin is selected on the third step.

  • Select Outlook

  • Then Select Next

  • Select Finish to apply configuration

  • To verify the Configuration, open a Word document

  • The Getvisibility icon will be enabled

  • Selecting the icon will show the compliance and classifications box where the user to classify document

Outlook Policies & Visual Tagging

This functionality will allow the user to set various policies that they can enforce on emails when using Outlook.

Expert Mode

Using Expert mode, the user can enable/disable the policies related to Outlook by editing the agent configuration JSON.

  • Select Expert Mode

  • Scroll down to OutlookConfiguration section

  • The available policies:

    • Header: - This will add a Header to the email. The user can leave it empty or customise it as needed

    • Footer: - This will add a Footer to the email. The user can leave it empty or customise it as needed

    • TagOnPrint: - Using this option will Force, Warn, or Log & Ignore (allow) users to classify any modified email before printing

    • TagOnSend: - Using this option will Force, Warn, or Log & Ignore (allow) users to classify any modified email before sending

    • allowUnclassifiedAttachments - Using this option will Block, Warn, or Log & Allow (allow) users to send unclassified attachments in emails

    • minAttachmentsTag - This option will allow users to Inherit the minimal classification from a classified attachment to the email

    • allowDescalation: - This option allows users to lower the classification level of a classified email

    • autoClassifyReplyForwardEmails - This option allows users to inherit the classification level when replying or forwarding an email

Example config:

"OutlookPluginActive": true,

 "header": "<h2 style=\"font-style:italic\"><span style=\"font-     size:14px\">Classified as {classification} by Getvisibility&reg;  Ashima</span></h2>",

      "footer": "",

      "tagOnSend": "force",

      "tagOnPrint": "force",

      "allowUnclassifiedAttachments": "block",

      "minAttachmentsTag": "block",

      "allowDeEscalation": true,

      "autoClassifyReplyForwardEmails": true,

  • Select the Finish button

  • As per the config, the header and footer should be blank:

Adding a footer to an Outlook email using the configuration file:

header": "<span style=\"color:#008004;\"><h2 style=\"font-style:italic\"><span style=\"font-size:14px\">Classified as {classification} by Getvisibility&reg; </span></h2></span>",

 "footer": "<span style=\"color:#008004;\"><span><strong>Classified as {classification} by Getvisibility&reg; </strong></span></span>"

When tagOnSend = forceis configured users cannot send emails without classifying. Select Dismiss to keep editing or OK to classify.

  • When tagOnSend = Warnis configured users will be able to send email without classifying. Select Dismiss to send the email or OK to classify.

  • If tagOnSend = Log&Ignore is set no notification will be displayed.

When tagOnPrint = forceis configured users cannot print emails without classifying. Select Dismiss to keep editing the email or OK to classify.

  • WhentagOnPrint = Warn is configured, the user can send the email without classifying it. Select Dismiss to send the email and OK to classify

  • When tagOnPrint = Log&Ignore is configured no notification will be displayed.

  • |With allowUnclassifiedAttachments = Block, the user cannot send any attachment in the email without classifying it

  • allowUnclassifiedAttachments = Warn: The user can send the attachment in the email without classifying it but agent will give a warning.

  • allowUnclassifiedAttachments = Log&Allow: The user can send the attachment in the email without classifying without any warning.

  • minAttachmentsTag = Block: In this case the attachment is highly confidential, and the email is on lower level of classification, so the agent will not allow sending the email. The user will have to change the classification of either the attachment or the email, otherwise they will not be able to send.

minAttachmentsTag = Warn: In this case the attachment is highly confidential, and the email is on lower level of classification, so the agent will only warn the user. They will still be able to send the email.

  • minAttachmentsTag = Log&Allow: The user will be able send any attachment in the email without any warning.

  • allowDeEscalation = Fa: T: The user will not be allowed to lower the level of classification on the document and all the lower classification options will be disabled.

autoClassifyReplyForwardEmails = False: The user has the option to set the classification for forwarding/reply an email. As seen below the original email is classified as internal but that is not inherited when forwarding or replying.

autoClassifyReplyForwardEmails = True: As seen below while forwarding the email, it has inherited the classification from the original email.

Wizard Mode

Using Wizard mode, user can enable/disable policies related to Outlook.

  • Select the Configuration Wizard Mode

  • The Header is selected on wizard and footer is left blank

Verify the settings on Outlook: the header can be seen but not the footer.

If the user changes the settings and footer is added in the config, the Wizard and Outlook will look as below:

To set Outlook polices, the user has selected Force to classify and send the email The user cannot send the email without classifying it. The option to Dismiss is to keep editing the email and OK is to classify.

If the user Changes it to Warn to classify and send the email, they will be able to send the email without classifying it but with a warning. The option to Dismiss is to send the email and OK is to classify.

The last option is Log & ignore, where the user can send the email without classification or warning.

As the user has selected Force to classify and print the email, they cannot print the email without classifying it. The option to Dismiss is to keep editing the email and OK is to classify.

The other two options are Warn and Log&Ignore where the user will be able to print the email without classifying it. The option to Dismiss is to print the email and OK is to classify. With the Log&Ignore there will be no warning at all.

As the user has selected Block, the user cannot send the any attachment in the email without classifying it.

The other two options are: Warn, where the user will be able send the attachment in the email without classifying but with a warning, and Log&Allow where the user will be able send the attachment in the email without classifying but with a warning.

The user has selected Block for the last option, in this case the attachment is highly confidential, and the email is on a lower level of classification, so the agent will not allow to send the email. The user will have to change the classification of either the attachment or the email, otherwise they will not be able to send the email:

If the user has selects Warn, in this case the attachment is highly confidential, and the email is on a lower level of classification, so the agent will only warn the user, but the user will still be able to send the email.

  • The final option here also is Log&Allow, where the user will be able send any attachment in the email without any warning.

  • The checkbox User lowers classification level of a classified email is unchecked, the user will not be allowed to lower the level of classification on the document and all the lower classification options will be disabled.

The checkbox Inherit classification when Reply and Forward emails is unchecked. The user has the option to set the classification for forwarding/reply email and as seen below the original email is classified as internal but that is not inherited while forward/reply email is applied.

The checkbox Inherit classification when Reply and Forward emails is checked. As seen below while forwarding the email, it has inherited the classification from the original email.

Configure Emails

Expert Mode

Using Expert Mode, the user can enable/disable default policies related to email by editing the agent configuration JSON.

  • Select Expert Mode

  • Scroll down to the configurationOverrides section

  • The policies:

    • Classification: - Here the user can select which type of email they wants to configure. The options are Public/Internal/Confidential/Highly Confidential

    • DefaultEmailPolicy: - Here the user can set the policy to Block/Allow/Warn an email.

    • BlockList: - The agent gives the option to create a blocklist of specific recipients. Users can add the email id of recipient in the list.

    • WarnList: - The agent gives the option to create a warnlist of specific recipients. Users can add the email id of recipient in the list.

    • AllowList: - The agent gives the option to create an allowlist of specific recipients. Users can add the email id of recipient in the list.

  • Sample config:

"configurationOverrides": [

   "classification": "Public"

   "defaultEmailPolicy": "block",

   "blockList": [],

   "warnList": ["aagarwal@getvisibility.com],

    "allowList": []

  • The above configuration says that Public type emails are blocked for sending, except for the recipient aagarwal@getvisibility.com, whom the email can be sent to but with a warning message.

  • Validating the configuration as below. Since all the Public emails are blocked from sending and the recipient lab user is not on the Allow or Warn list the email cannot be sent.

If we change the recipient to aagarwal@getvisibility.com, the agent will give only a warning as the recipient was in the warn list, but the email can still be sent.

Wizard Mode

Using the Wizard Mode, the user can enable/disable the policies related to Outlook.

  • Select the Configuration Wizard Mode

  • There is total 12 steps in Wizard and Outlook polices starts from 8th step.

  • As shown below the Public emails are by default set to Block but 1 recipient is allowed to send the email with a warning.

Validating the configuration as below. Since all the Public emails are blocked from sending and the recipient lab user is not on the Allow or Warn list the email can be sent.

If the recipient is changed to: aagarwal@getvisibility.com, the agent will only give a warning as the recipient was in the Warn list, but the email can still be sent.

The same settings can be done for Internal/Confidential/Highly Confidential emails as well with one additional option to copy the configuration from the previous classification.

Generic Settings

WriteMetadataTags :-

This property will capture the details about the agent in office applications. The below screenshot is from the config file.

In the MS Word the details can be seen as below:

SelectableByWhitelist:

Based on the distribution list, the email addresses in this list will be the ones Outlook plugin will allow sending emails to.

AllowInternalToExternal:

Based on the distribution list, this property allows to share a file in Outlook irrespective of the distribution value.

MaxNumberOfRecipients:

This property allows setting the maximum number of people the user wants to send the email to.

SuggestionOptions:

This tag will allow users to configure the options they want to show while showing the suggestion box on MS Office or Outlook.

AgentDialogConfiguration

This tag will allow the user to customise the options they want to show while showing labels such as compliance, classification etc.

DistributionTags:

Additional feature to classify the documents/emails. Few examples are: Internal/Restricted/ External/Limited

AutoLabelling

This optional feature allows users to automatically classify with a default label all newly created documents and emails in Word, Excel, Powerpoint, and Outlook. It is possible to individually set the default label for each plugin. Users will be able to select the classification label that they wants to apply to documents and email and when there is edit or change in the file and the file is saved the selected classification will be applied. Setting Autolabelling will allow the user to not to classify the documents every time the file is printed or saved, the classification will happen automatically.

Expert Mode:

The property used in Expert Mode is: defaultClassificationValue. The defaultClassificationValue is set for Outlook, Word,Excel and PowerPoint:

Wizard Mode for Word, Excel and PowerPoint:

Wizard Mode for Outlook:

Caution

While using Expert Mode the user has to be extra careful about small details like punctuation and formatting of the file. Error will be presented to the user as needed:

Reports

There are two reports related to Synergy as shown below:

Agent Activity Report

For users of Getvisibility Synergy that want an overview of the users' events using GVClient agents in MS Office and Outlook. Extensive tables detailing classification and email events are provided.

Agent Incident Report

For users of Getvisibility Synergy, this report gives an overview of the security related activity undertaken by users of GVClient agents. It visualises data such as: de-escalations, mis-classifications, and confidential data in infographic form to give organisation’s a quick understanding of the data their users are passing through their network.

Agent Management

Agent Management gives the user a high-level status of all the agents installed. Details like Name of agent, the IP address and When was the agent last seen is shown on this dashboard. User can also see if the agent is Online or not. The facility to filter the agent based on Name, Health, and State also is provided.

Administration

Pattern Matching

Using Pattern Matching UI you can view, save, create and edit RegEx patterns. These the associated rules for each pattern will be suggested to users of the agents if the RegExs are found.

Select the Add New button to create a new RegEx pattern, a new window will open to enter the RegEx pattern

Add a new RegEx pattern. An example RegEx for Student ID which is made of 7 digits and 2 letters is shown

The tags can be added for the new RegEx as shown below and Select Create

The new pattern is created but unpublished

Users have the option to Edit/Delete a RegEx pattern

After Selecting Publish, the classification pipeline restarts to pick up the enabled RegEx patterns for matching.

Users can see the confirmation message for published changes:

Restarting of the classification pipeline may take a few minutes. Once complete, open a Word document and enter a configured RegEx pattern. In this example: Syudent ID (7 digits and 2 letters)

The RegEx pattern has been found and the suggestions of GDPR/PII:100% for Compliance and Confidential for Classification are given.

Users can then select Use Suggested; GDPR/PII and Confidential will get selected and the document will be classified.

Users also have the option to ignore the suggestion and use any other values to classify.

User Management

In the User Management screen, new users can be created to access the User Interface. There are two ways to create new users:

Using the portal

Select the User Management option

User will be asked to login into Keycloak portal (Credentials will be shared separately)

Navigate to the User Section and Select the Add User button

Select Save:

Select Credentials. The user will be able to set the password for the new login, using this method they can create a new user or view the existing users.

Using LDAP method

For the LDAP method please refer the below document for details:

Unable to render {include} The included page could not be found.
  • No labels

Classified as Getvisibility - Partner/Customer Confidential