POLICIES
      Back to home
      1. Safetica
      2. PROTECTION: Set up your data protection
      3. POLICIES

      Understanding Block (with override)

      Explore the Block (with override) action available in data policies that allows certain users to override applied restrictions and provide explanations for their actions.

      Introduction

      When you select the Block (with override) action in a data policy, certain users will be able to override applied restrictions and provide explanations for their actions.

      Block (with override) is useful in companies where admins trust the users to only override blocking policies for legitimate reasons (for example, when a user needs to send a classified file to a customer, if sensitive content is incorrectly detected in an ordinary file, etc).

      Block (with override) is currently not available for macOS. 

       

      In this article, you will learn more about:

       

      Where to set up Block (with override)

      Block (with override) is an action available in data policies. To create a data policy, follow these steps, and in the Action section select Block (with override)

      Block (with override) is currently not available for Print and Virtual print. These operations will be blocked, even when override is enabled. 

       

      What will the user see

      When a user performs an action that is supposed to be blocked by that policy, a small notification appears in the bottom right corner of their screen.

      Clicking the notification reveals more details about why the action is blocked.

      The user has the option to override the blocking by selecting a reason from the drop-down menu (for example “I need a one-time exception”) and providing an explanation for their action. The explanation is recorded for possible investigation by the admin.

      If the user chooses to click Close, the action will be blocked.

       

      What can the admin see in records

      Admins can view override reasons and descriptions in the Data section in Safetica ONE console.

      To filter out overridden actions:

      1. Go to the Data section in Safetica ONE console.
      2. Click Add filter > Action > Override.
      3. Ensure columns Override reason and Override description are visible.
      • Override reason displays the predefined reason selected by the user.
      • Override description contains the user's explanation in their own words.

       

      Alerts

      Real-time alerts about the use of Block (with override) are sent as part of the DLP policy violation alert. Admins can set up alerts in Safetica Maintenace Console > Alerts after clicking the New rule button.