Skip to main content
Druva Documentation

How do I resolve a compliance violation?

inSync Cloud Editions: File:/tick.png Elite Plus File:/cross.png Elite File:/cross.png Enterprise File:/cross.png Business

Overview

As an inSync Cloud administrator, you can manually resolve the compliance violations as per the process that is defined for your enterprise. You can take any of the following remedial actions:

  • Resolve the non-compliant files or emails

    When you resolve non-compliant files or emails, inSync resolves all the non-compliance violations for those files or emails. 

  • Quarantine the non-compliant files or emails

    When you quarantine non-compliant files or emails, inSync moves the non-compliant files or emails into a protected area so that the compliance violation cannot cause any more harm.

  • Delete the non-compliant files and emails

    When you delete the non-compliant files or emails, inSync deletes the files or emails from the data source or from both data source and snapshot as per your selection. Deletion is useful when you want to prevent exposure of a sensitive file or email and remove all its occurrences from the data source and storage. 
    You can delete Exchange Online, Gmail, and Apple mails. 

 

 

  • File and email deletion is available only for Elite Plus customers.
  • inSync only deletes files and emails that are displayed in either Federated Search or Proactive Compliance search results.
  • Common file or an email that resides in both Federated Search results and Proactive Compliance violations listing when deleted from either of the results (Federated Search or Proactive Compliance), it gets deleted from both the entries.
  • Deletion is not supported for MAPI emails
    • You cannot delete emails for the following users:
    • Users put on legal hold
    • Disabled users
    • Preserved users
  • For Exchange Online users, you cannot delete emails residing in the Recoverable Items folder and In-Place Archive mailbox of a user
  • File deletion is supported only with inSync Client v5.9.5 or higher.
  • File deletion is not supported on user devices with Linux OS.
  • File deletion is not supported on Smartphones and Tablets.

 

  • Mark the violation as Acceptable Risk
    If you believe that the violation reported is false, or not harmful as per the organization policies, mark the violated file or email as Acceptable Risk. inSync resolves the violation for that file or email. 

 

Impact of resolving non-compliant files or emails

The following table provides information about each resolution action and its impact on inSync end users.

Action taken by inSync administrator Action taken by inSync Server Impact on inSync end user

Resolve the latest version or the previous version of non-compliant file or email

or

Marks the violation as Acceptable Risk

  • inSync administrator can choose to resolve only the latest version of a file or email. However, all the previous versions of the file or email are resolved by default. The behavior is the same if the violation is marked as Acceptable Risk.
  • inSync resolves all the non-compliance violations that were reported in the respective file or email violation. 
  • Additionally, inSync auto resolves a non-compliant file in any of the following scenarios:
    • The file is no longer configured for backup.
    • The file is deleted from the source by the end-user.
    • The file was reviewed offline and genuinely resolved by the inSync end user.

Note: inSync does not auto resolve non-compliant emails. However, you can manually resolve the non-compliant emails. 

  • Once resolved or marked as Acceptable Risk, inSync moves the file or email from the Active tab to the Resolved tab on the Compliance Dashboard.

  • The inSync administrator will be able to restore the resolved file to the inSync end user's device.

  • inSync retains all the resolved violations and displays the details in the Resolved tab on the Compliance Dashboard.

inSync end user can download or restore the resolved file or email through inSync Web or through inSync Client.

Quarantine the latest version or the previous version of non-compliant file or email
  • inSync administrator can choose to quarantine only the latest version of a file or email. However, all the previous versions of the file or email are quarantined by default.
  • inSync moves the file or email to a protected area, where the violation won't cause any more data compliance risks.  
  • inSync retains all the non-compliance violations for the respective file or email.
  • The inSync administrator will not be able to restore the quarantined file to the inSync end user's device.
  • The inSync administrator can choose to restore the violation. However, inSync does not recommend restoring the quarantined violation.
  • Once resolved, inSync moves the file or email from the Active tab to the Quarantined tab on the Compliance Dashboard.
  • inSync retains all the quarantined violations and displays the details in the Quarantined tab on the Compliance Dashboard.
inSync end user cannot download or restore the non-compliant file or email through inSync Web or through inSync Client.
Delete the non-compliant file from data source
  • Before deleting the files, inSync displays a list of files that it will not be able to delete along with a reason on why it was unable to delete a file.
  • inSync deletes all non-compliant versions of the file from the data source so that the violation won't cause any more data compliance risks. inSync deletes the non-compliant files from the data source even if the file is owned by a different user.
  • Although inSync deletes the files from the data source, it retains all non-compliant versions of the file in the snapshot.
  • The inSync administrator will be able to restore the deleted file to the inSync Client user's device.
  • Once deleted, inSync moves the file from the Active tab to the Resolved tab on the Compliance Dashboard.
  • inSync retains all the resolved violations and displays the details in the Resolved tab on the Compliance Dashboard.
  • In case inSync is unable to delete the file, inSync creates an entry in the admin audit trail listing why it was unable to delete the file and moves the violation to the Active tab.
inSync end user can download and restore the non-compliant file through inSync Web or through inSync Client.
Delete the non-compliant file from data source and snapshot
  • Before deleting the files, inSync displays a list of files that it will not be able to delete along with a reason on why it will be unable to delete that file.  
  • inSync deletes all non-compliant versions of the file from the data source and snapshot so that the violation won't cause any more data compliance risks. inSync deletes the non-compliant files from the data source even if the file is owned by a different user.
  • inSync retains all compliant versions of the file. 
  • inSync administrator will not be able to view or search the file.
  • Once deleted, inSync moves the file from the Active tab to the Resolved tab on the Compliance Dashboard. 
  • inSync retains all the resolved violations and displays the details in the Resolved tab on the Compliance Dashboard.
  • If inSync is unable to delete the file, inSync creates an entry in the admin audit trail listing why it was unable to delete the file and moves the violation to the Active tab. inSync creates separate audit trail entries for failure to delete from snapshot and failure to delete from data source. 
  • If inSync succeeds to delete the file from data source but fails to delete it from snapshot, inSync moves the violation to the Active tab. The file continues to exist in storage and inSync administrators can search, download and restore the file.
  • If inSync succeeds to delete the file from snapshot but fails to delete from data source, inSync moves the violation to the Active tab. The file continues to exist only in the data source and inSync administrators cannot search, download or restore the file; they can delete the file from the data source. 
inSync end user cannot download and restore the non-compliant file through inSync Web or through 
Delete the non-compliant emails from the data source
  • Before deleting the emails, inSync displays a list of emails that it will not be able to delete along with a reason why it was unable to delete an email.

  • inSync deletes all non-compliant emails from the data source so that the violation won't cause any more data compliance risks. inSync deletes the non-compliant emails from the data source even if the file is owned by a different user.

  • Although inSync deletes the emails from the data source, it retains all non-compliant emails in the snapshot.

  • The inSync administrator will be able to restore the deleted email to the inSync Client user's device.

  • Once deleted, inSync moves the email from the Active tab to the Resolved tab on the Compliance Dashboard.

  • inSync retains all the resolved violations and displays the details in the Resolved tab on the Compliance Dashboard.

  • In case inSync is unable to delete the email, inSync creates an entry in the admin audit trail listing why it was unable to delete the email and moves the violation to the Active tab.

inSync end user can download and restore the non-compliant emails through inSync Web or through inSync Client.
Delete the non-compliant emails from data source and snapshot
  • Before deleting the emails, inSync displays a list of emails that it will not be able to delete along with a reason on why it will be unable to delete that email.
  • inSync deletes all non-compliant versions of the email from the data source and snapshot so that the violation won't cause any more data compliance risks. inSync deletes the non-compliant emails from the data source even if the email is owned by a different user.

  • inSync retains all compliant versions of the emails.

  • inSync administrator will not be able to view or search the deleted email.

  • Once deleted, inSync moves the email from the Active tab to the Resolved tab on the Compliance Dashboard.

  • inSync retains all the resolved violations and displays the details in the Resolved tab on the Compliance Dashboard.

  • If inSync is unable to delete the email, inSync creates an entry in the admin audit trail listing why it was unable to delete the email and moves the violation to the Active tab. inSync creates separate audit trail entries for failure to delete from snapshot and failure to delete from the data source.

  • If inSync succeeds to delete the email from data source but fails to delete it from the snapshot, inSync moves the violation to the Active tab. The email continues to exist in storage and inSync administrators can search, download and restore the file.

  • If inSync succeeds to delete the email from a snapshot but fails to delete from the data source, inSync moves the violation to the Active tab. The email continues to exist only in the data source and inSync administrators cannot search, download or restore the email; they can delete the email from the data source.

inSync end user cannot download and restore the non-compliant emails through inSync Web or through inSync Client.

Procedure

To resolve a compliance violation

  1. On the inSync Management Console menu bar, click Governance > Compliance. The Compliance Overview page appears. 
  2. If you want to resolve non-compliant files, click File Violations. If you want to resolve non-compliant emails, click Email Violations. The list of violations appear.
  3. Click the Active tab. The list of active violations appear. 

    new file violations.png
  4. Select the file or email that you want to resolve. You can select multiple violations. 
  5. Click Resolve. The Resolve Violation dialog box appears. 
  6. From the Resolution list, select whether you want to mark the violation as acceptable risk, quarantine the violation, resolve the violation,  or delete the file or email from the data source. If you choose to delete the file or email, you can choose to delete the file or email only from the data source or from both data source and snapshot.


    resolve violation new.png
  7. In the Comments box, enter the resolution action details.
  8. Click Done

 You cannot undo a file and email delete action.

inSync resolves the non-compliant file or email as per your preference and moves the violation from the Active tab to the Resolved tab.