User-based data classification
Posted by Dana Balaštíková, Last modified by Dana Balaštíková on 19 May 2020 09:06 AM
Safetica 9.6 brings a new feature that allows end users to classify files by themselves.
Supported file formats for user-based classification are: .docx, .xlsx, .pptx, .pdf.
How to enable user-based classification for selected users
User-based classification can be enabled for selected users and endpoints. You can also control whether they are allowed to reclassify files freely, or only select stricter classification levels.
Note: The Permission to downgrade classification can be set independently of the User-based data classification option. You can enable user-based classification for a group of users, and at the same time enable Permission to downgrade classification to only a subset of this group.
How to classify files as a user
To classify a file, the user selects it and right-clicks it. When the context menu opens, the user will see the Classify file option. On mouse hover, they will see the available data categories they can choose from.
If a file has no data category assigned, the (none) option is checked. This option disappears after a classification has been assigned. Policies bound to the selected data category will then be applied to the file as well.
Categories in the context menu are listed in the same order as in Safetica Management Console. This can be changed in the DLP > Data categories table. The order should reflect the strictness of individual classification levels.
It is possible to select and classify several files at once. If an unsupported file format is selected, the Classify file option will not be displayed in the context menu.
How to configure data categories to be displayed to users
User-based data classification requires metadata-based data categories. To display a category in the right-click context menu:
How to remove data classification from a file
Users cannot remove classification from files. To work around this, the recommended approach is to:
When a user needs to remove classification from a file, they can choose this “empty” category. The file will then not be affected by any DLP policy but will remain trackable within DLP logs.
How to view user classification logs
To view logs related to user-based classification, switch to the visualization mode in DLP > Data categories. Safetica logs every classification and downgrade of classification performed by users. In the Operation column of the Records table, you can use the filtering options User classification and User classification downgrade to display the respective logs.