Enterprise Recon 2.3.1
Delegated Remediation
PRO This feature is only available in Enterprise Recon PRO Edition. To find out more about upgrading your ER2 license, please contact Ground Labs Licensing. See Subscription License for more information.
This section covers the following topics:
- Overview
- Requirements
- Delegating Remediation for Sensitive Data Locations
- Checking the Status of Delegated Remediation Tasks
- Reviewing and Remediating Locations
- Expiring A Delegated Remediation Task
Remediation can result in the permanent erasure or modification of data. Once performed, remedial actions cannot be undone.
Overview
As the process for remediating sensitive data locations often involves multiple steps and parties, the ability to delegate the remediation task is necessary for an effective compliance program. This becomes particularly evident in large organizations where a single scan can result in millions of sensitive data matches across a huge number of locations, which would be overwhelming for a single user to review and remediate.
With Delegated Remediation, an Enterprise Recon user can easily delegate the task to remediate match locations across multiple Targets to another user. This helps organizations streamline the remediation workflow to achieve flexibility and scalability in its compliance efforts.
See Remediation for more information.
Requirements
Requirements | Description |
---|---|
License | Enterprise Recon PRO license. |
Master Server | Version 2.3.1 and above. |
Message Transfer Agent (MTA) | At least one MTA must be configured to enable email notifications to be sent to delegatees of a remediation task. See Mail Settings for more information. |
Delegator | A user with Global Admin or Remediate resource permissions can delegate remediation tasks for all locations which the delegator has Remediate permissions to. The remediation actions that can be delegated are limited by the type of Remediation permissions assigned to the delegator's account. |
Delegatee |
|
Delegating Remediation for Sensitive Data Locations
A user with Global Admin and Remediate resource permissions can delegate the remediation of sensitive data locations to another user from the Investigate page. Using the Target and location filters, the delegator can simplify the Investigate results grid view to easily select multiple match locations for delegated remediation. For example, use the Metadata filter to only display locations that belong to a specific document owner.
To delegate a remediation task to another user:
- Log into the ER2 Web Console.
- Go to Investigate.
- (Optional) Select one or more filters in the Filter Locations by panel and click Apply Filter to display Targets and match locations that fulfill specific criteria in the results grid.
-
Select the Targets and match locations to be assigned for delegated remediation.
-
Click Delegate and fill in the following fields in the Delegate Remediation dialog box:
Field Description Delegate to Select a user to delegate the remediation task to. Subject (Optional) Enter a descriptive email subject to be used for the notification email. Note (Optional) Enter a custom message for the notification email. Action Required Select the remediation actions that can be performed by the delegatee on the match locations. See Remedial Action for more information. The delegator can only assign remediation actions for which his account has explicit Remediate resource permissions for. -
Click Delegate to confirm the delegation task. Once confirmed, a notification email with a link to the delegated remediation task will be sent to the delegatee.
At least one MTA must be configured to enable email notifications to be sent to delegatees of a remediation task. See Mail Settings for more information.The delegation link is accessible by the delegator and delegatee until the Link Expires date.
In the Investigate results grid, the "Delegated" status will be displayed in the Delegation column if there is at least one active delegated remediation task associated with the match location.
To check the status and progress of delegated remediation tasks that have been assigned by and assigned to the current user account, see Checking the Status of Delegated Remediation Tasks.
Checking the Status of Delegated Remediation Tasks
The Tracker page provides a view of all remediation tasks that have been delegated to the current user by other users, and vice-versa.
To view the status of delegated remediation tasks:
-
Log into the ER2 Web Console.
Field Description Enter Your Username Enter your ER2 or Active Directory (AD) user name.
Example: john.doe
Enter Your Password Enter your ER2 or AD password.
Example: myPa$$w0rd
<Active Directory Domain> Select your AD domain; only applicable for users logging in with AD credentials. Otherwise, select "No domain".
Example: example.com
- Go to Tracker.
- In the Tracker page, click on:
- Delegated to others to view the remediation tasks assigned by the current user to other users.
- Delegated to me to view the remediation tasks assigned to the current user by other users.
Column Description Delegated to User name of the delegatee of the remediation task. Only displayed in the Delegated to others tab. Delegated by User name of the delegator of the remediation task. Only displayed in the Delegated to me tab. Filter Applied List of filters that were applied to the match results set in the Investigate page when the delegated remediation task was created. Delegated on Date and time when the delegated remediation task was created. Link Expiration Expiry date and time for the delegated remediation task. Delegated remediation tasks expire automatically four weeks (28 days) from the date and time when the task was created unless expired manually. Delegated Locations Total number of Target locations selected for the delegated remediation task. Link status Status of the delegated remediation task. - Active - Indicates that the delegated remediation task is still active and not all locations have been remediated.
- Expired - Indicates that the delegated remediation task has expired. Delegated remediation tasks expire automatically four weeks (28 days) from the date and time when the task was created.
- Expired Manually - Indicates that the delegated remediation task was expired manually by the delegator.
- (Optional) Use one or more filters in the Filter by… panel to show specific delegated remediation tasks.
- Hover over a task and click on the view icon to view the list Targets and match locations included in the delegated remediation task. See Reviewing and Remediating Locations for more information.
Reviewing and Remediating Locations
The Locations To Be Remediated page displays the list of match locations to be remediated for a delegated remediation task.
To review and remediate a match location:
-
Log into the ER2 Web Console.
Field Description Enter Your Username Enter your ER2 or Active Directory (AD) user name.
Example: john.doe
Enter Your Password Enter your ER2 or AD password.
Example: myPa$$w0rd
<Active Directory Domain> Select your AD domain; only applicable for users logging in with AD credentials. Otherwise, select "No domain".
Example: example.com
- Go to the Locations To Be Remediated page.
- Click on the Link to remediate in the notification email for the delegated remediation task and log into the ER2 Web Console, or
- Log into the ER2 Web Console. In the Tracker page, hover over a task and click on the view icon.
The Locations To Be Remediated page may be empty if the delegated remediation task is still in progress. Please wait a few minutes to allow the delegation task to be completed before refreshing the page to view the list of delegated locations. - Click on a match location to bring up the Match Inspector to review the list of sensitive data matches for the match location.
- Select the Targets and match locations you want to remediate.
-
Click Remediate and select one of the following actions:
Remediation Remedial Actions Act directly on selected location - Mask all sensitive data
- Quarantine
- Delete Permanently
- Encrypt file
See Act Directly on Selected Location for more information.
Mark locations for compliance report - Confirmed
- Remediated manually
- Test Data
- False Match
See Mark Locations for Compliance Report for more information.
Only remedial actions that are supported across all selected match locations will be available for selection in the Remediate dropdown menu. See Remediation Rules for more information.Remedial actions taken in the Locations To Be Remediated page are applied to specific data types if any data type filters were selected when the delegated remediation task was created.For example, "File A" has one Personal Names (English) and two Visa matches. Only Visa matches will be remediated if Visa is the only data type filter that was selected when the delegated remediation task was created. See Checking the Status of Delegated Remediation Tasks for the list of filters that were applied for the delegated remediation task.
- Enter a name in the Sign-off field.
- Enter an explanation in the Reason field.
- Click Ok.
For an active delegation task, the list of match locations in the Locations To be Remediated page may be empty if:
- All match locations were deleted from the Target, or
- All match locations were fully remediated.
See Remediation - Act Directly on Selected Location for more information.
Expiring A Delegated Remediation Task
Delegated remediation tasks expire automatically four weeks (28 days) from the
date and time when the task was created, or can be expired manually by the delegator.
When a delegated remediation task expires, the link and Locations To Be Remediated page
for the delegated remediation task will no longer be accessible.
To manually expire a delegated remediation task:
- Log into the ER2 Web Console.
- Go to Tracker.
- Click on Delegated to others to view the remediation tasks assigned to other users.
- (Optional) Use one or more filters in the Filter by… panel to show specific delegated remediation tasks.
- Select one or more active delegated remediation tasks and click Expire Link.
- In the Expire Link dialog box, click Expire to manually expire the links for the selected delegated remediation tasks. Otherwise click Cancel to cancel the entire operation.