Skip to main content
Druva Documentation

File Hash Whitelist in inSync Compliance

Overview

inSync reports violations based on the criteria defined in the compliance policies. However, there might be files that contain sensitive terms but are not deemed sensitive by your organization. A good example of this is mock data that developers and testers often use to test the functionalities of an application. The mock data might be used by multiple teams thereby triggering a violation for each user who stores that data in their device. 

To tackle such situations, you can whitelist file hashes that are not deemed as sensitive according to the policies of your organization. Whenever inSync comes across a file that's whitelisted, it will not scan that file. This will also resolve all previous violations that have been reported for the whitelisted file. 

How is a file hash whitelist helpful?

Let's understand this functionality with the help of the following scenario: 

Your organization develops web applications for banks. Hence, any personal financial data such as bank account numbers, credit card numbers are sensitive in nature. You have configured inSync to trigger a violation when such data is found in employees' devices.

However, for a recent feature, a developer in the organization created a text file containing mock credit card numbers. She also shared the file with 8 other developers and testers within the organization.

inSync reported a violation as soon as it scanned the data and found a credit card number.

However, when you looked into it, you found that the file contains mock credit card numbers and does not violate any security policy of your organization. You can whitelist this file hash so that inSync does not report any more violations for the text file. 

Whitelist a file hash

  1. On the inSync Management Console menu bar, click Governance > Compliance. The Compliance Overview page appears.

  2. Click File Violations. The list of non-compliant files appear.

  3. Select the violation that contains the file that you want to whitelist.

  4. Click Resolve.

  5. Select False Positive in the Resolution drop-down list. Add relevant comments that help others understand why this violation was marked as False Positive.

  6. Click Resolve

The whitelisted file hashes are listed in the File Hash Whitelist tab.

file hash whitelist.png

For all subsequent scans, inSync skips the whitelisted file hash. Also, all the previously reported active violations for the whitelisted file are auto-resolved by inSync.

Remove a file hash from the whitelist

  1. On the inSync Management Console menu bar, click Governance > Compliance. The Compliance Overview page appears.

  2. Click Whitelist on the left pane, and then click File Hash Whitelist tab.

  3. Click the name of the whitelisted file that you want to remove.

  4. Click Remove from Whitelist and click Delete on the confirmation box. 

inSync will start reporting violations for the file from subsequent scans.

View the details and download a whitelisted file

  1. On the inSync Management Console menu bar, click Governance > Compliance. The Compliance Overview page appears.

  2. Click Whitelist on the left pane, and then click File Hash Whitelist tab.

  3. Click the name of the whitelisted file for which you want to view the details.

  4. Click Download File if you want to download the file for further inspection.

  • Was this article helpful?