Easily manage all your data destinations and decide which destinations are safe and which are not.
In Workspace, you can manage automatically-detected destinations (such as external devices, printers, websites, network paths, or e-mail domains) to which data was transferred in the last 30 days. You can save these destinations either as Untrusted or Safe and use them in policies for more granular control.
Workspace management is based on a simple system with 3 columns:
You can drag-and-drop destinations to move them between columns, add destinations into existing groups, and create new groups. The order of destinations within columns does not represent priority, so you can order them as you want.
Unassigned destinations
Your “inbox” with destinations that were auto-detected in the last 30 days.
Decide which destinations you want to control via policies and save them either as Safe or Untrusted by drag-and-dropping them into their respective column.
You can also apply policies specifically to selected destination groups.
Use the Unassigned destinations search bar to find specific destinations.
Untrusted destinations
Destinations that are not part of a secure company perimeter, and you need to control them in a specific way. Items added here can be controlled by granular data policies.
Example: A company blocks uploads of files to all websites. The marketing department, however, needs to upload various media to their online content management system.
When the blog URL (e.g. blog.company.com) is detected and appears under Unassigned destinations, the admin can move it to Untrusted destinations and create a new specific data policy for the Marketing team, for whom upload to blog.company.com is allowed.
Safe destinations
Trusted destinations that are part of a secure company perimeter (e.g. company emails or emails of business partners, a file share within company intranet, company USBs, etc.). Items added here can be easily added as exceptions within data policies.
It is best practice to assign company devices and domains into Safe destinations.
Example: A company has an “Block non-company USB drives” policy that allows file transfer to company USBs (since they are considered safe), but blocks transfers to all other USBs.
When a new company USB is used for the first time, it will appear in Unassigned destinations. The admin can then move it to Safe destinations, and the “Block non-company USB drives” policy will start applying to it.