As an inSync Cloud administrator, you can manually resolve the compliance violations as per the process that is defined in your organization. You can take any of the following remedial actions:
- Resolve the non-compliant files or emails
When you resolve non-compliant files or emails, inSync resolves all the non-compliance violations for those files or emails.
- Quarantine the non-compliant files or emails
When you quarantine non-compliant files or emails, inSync moves the non-compliant files or emails into a protected area so that the compliance violation cannot cause any more harm. You can also choose to delete the quarantined files from the data source. This ensures that the user cannot share the violated files with others in your organization.
- Delete the non-compliant files and emails
When you delete the non-compliant files or emails, inSync deletes the files or emails from the data source or from both data source and snapshot as per your selection. Deletion is useful when you want to prevent exposure of a sensitive file or email and remove all its occurrences from the data source and storage.
- File and email deletion is available by default for customers with Sensitive Data Governance Add-On service.
- inSync only deletes files and emails that are displayed in either Federated Search or Sensitive Data Governance search results.
- Common file or an email that resides in both Federated Search results and Sensitive Data Governance violations listing when deleted from either of the results (Federated Search or Sensitive Data Governance/Compliance), it gets deleted from both the entries.
- Deletion is not supported for MAPI emails.
- You cannot delete emails for the following users:
- Users put on legal hold
- Disabled users
- Preserved users
- For Exchange Online users, you cannot delete emails residing in the Recoverable Items folder and In-Place Archive mailbox of a user.
- File deletion is supported only with inSync Client v5.9.5 or higher.
- File deletion is not supported on user devices with Linux OS.
- File deletion is not supported on Smartphones and Tablets.
Mark the violation as Acceptable Risk or mark it as a False Positive
If you believe that the violation reported is false, or not harmful as per the organization's policies, mark the violated file or email as Acceptable Risk. inSync resolves the violation for that file or email. If you believe that the violation is not harmful and might reappear for other users and files, then, mark the violation as False Positive. Then, inSync whitelists the hash value of the file and skips scanning the file during subsequent compliance scans.
Impact of resolving non-compliant files or emails
The following table provides information about each resolution action and its impact on inSync end users.
|Action taken by administrator||Action taken by inSync||Impact on inSync end user|
Marks the violation as Acceptable Risk
Marks the violation as a False Positive
The False Positive resolution is not available for email violations.
inSync end user can download or restore the resolved file or email through inSync Web or through inSync Client.
|Quarantine the latest version or the previous version of the non-compliant file or email||
||inSync end user cannot download or restore the non-compliant file or email through inSync Web or through inSync Client.|
|Delete the non-compliant file from data source||
||inSync end user can download and restore the non-compliant file through inSync Web or through inSync Client.|
|Delete the non-compliant file from data source and snapshot||
You cannot delete files within Data Sources for which Data Lock is enabled.
|inSync end user cannot download and restore the non-compliant file through inSync Web or through|
|Delete the non-compliant emails from the data source||
|inSync end user can download and restore the non-compliant emails through inSync Web or through inSync Client.|
|Delete the non-compliant emails from data source and snapshot||
You cannot delete emails within Data Sources (Exchange Online and Gmail) for which Data Lock is enabled.
|inSync end user cannot download and restore the non-compliant emails through inSync Web or through inSync Client.|
To resolve a compliance violation
- Click the icon to access the Global Navigation Panel and select Sensitive Data Governance . The Sensitive Data Governance Overview page appears.
- If you want to resolve non-compliant files, click File Violations. If you want to resolve non-compliant emails, click Email Violations. The list of violations appear.
- Click the Active tab. The list of active violations appear.
- Select the file or email that you want to resolve. You can select multiple violations.
- Click Resolve. The Resolve Violation dialog box appears.
- From the Resolution list, select whether you want to mark the violation as
acceptablerisk, or as false positive, quarantine the violation, resolve the violation, or delete the file or email from the data source. If you choose to delete the file or email, you can choose to delete the file or email only from the data source or from both data source and snapshot.
- In the Comments box, enter the resolution action details.
- Click Done.
You cannot undo a file and email delete action.
inSync resolves the non-compliant file or email as per your preference and moves the violation from the Active tab to the Resolved tab.