Skip to main content

File Remediations

In PK Endpoint Manager (PEM), the Remediations > File tab is used to define remediation actions for files. These remediation actions represent the data protection options executed on a file(s) as part of the locker and assignment configuration. To access this tab, go to Remediations > File.

The File Remediation Actions panel allows you to add, edit, or delete the remediation actions. It displays the following UI controls on the screen for configuration.

  • Click Delete button to delete a remediation action.
  • Click Edit button to edit a remediation action.

Adding Remediation Actions

To add a new remediation, click the Add button to open File Remediation Action screen.

Perform the following steps for defining file remediation:

  1. Define a name for your file remediation action in the Name.
  2. Put comments, if any, in the Comment.
  3. Choose the desired Remediations by selecting the checkbox associated with the remediation name. For more information, refer the Remediation table.
  4. If applicable, enter a script to be executed in the Pre Command and Post Command For more information, refer Post Command and Pre Command.
  5. Click Save button to save the changes else, click Cancel.

Following is the description for each remediation action:

Remediation Options

Description

Report Discovery Events

Check this checkbox to report an event when discovery action is triggered.

Decrypt

Check this checkbox to select decryption as the desired remediation action. Following options appear when this option is chosen:

  • Report Successful Decryptions: If this option is selected, it reports successful decryption events.
  • Report Decryption Failures: If this option is selected, it reports decryption failure events.

MIP

Check this checkbox to use Microsoft Information Protection (MIP) labeling as a remediation option. Following options appear on clicking this checkbox:

  • Report Successful Labelings: If this option is selected, it reports successful labeling operations to PEM.
  • Report Labeling Failures: If this option is selected, it reports unsuccessful labeling operations to PEM.
  • Application: Select an application configuration from this drop-down so. These applications can be configured in MIP > Applications screen.
  • Label: From the drop-down, select the label to apply when the remediation is executed. Labels in this drop-down are populated from MIP > Labels screen.
  • Remove Label: Select this checkbox to remove the MIP label from existing labeled the files, as the desired remediation action.
  • Use Super User Permission: Check this checkbox to allow any client to execute MIP labeling actions regardless of the permissions assigned to them in the Microsoft MIP configuration UI.
  • Justification: This field allows a free-form statement explaining why the MIP labels were changed, if the Microsoft MIP product was configured to require justifications for labeling actions.

Encrypt

Select this checkbox to add encryption to your file remediation action. Following options appear when this option is selected:

  • Report Successful Encryptions: If this option is selected, successful encryption events will be reported.
  • Report Encryption Failures: If this option is selected, encryption failure events will be reported.
  • Algorithm: This drop-down list the encryption algorithms that can be used for encrypting file.
  • Key(s): This field allows a specific key to be used encrypt the data as part of this action Leaving this field blank will automatically choose the user’s private key.
  • Compress:  If checked, the file will be compressed before encryption is performed. Encryption may be faster if compression is not selected.

Classify

Select this checkbox to include PKWARE classification in the file remediation action. When selected the following fields will appear:  

  • Report Successful Classifications: Select this checkbox to report any successful classification events.
  • Report Classification Failures: Select this checkbox to report any classification failure events.  
  • Pre Command Classification (SISL): Enter the SISL value, which can be obtained from the Power Classifier for Files UI, appear in Pre Command.
  • Post Command Classification (SISL):  Enter the SISL value, which can be obtained from the Power Classifier for Files UI.

Redact

Select this checkbox to include redaction in your file remediation action. Following options appear on clicking this checkbox:

  • Report Successful Redactions: Select this checkbox to report any successful redaction events.
  • Report Redactions Failures: Select this checkbox to report any redaction failure events.
  • Redaction Bundle: Select the redaction filter bundle from the drop-down based to define which redaction bundle is to be used.
  • Preserve File Date: Check this option to preserve the original Last Modified and Last Access Dates of the file when redaction is performed. If this option is not selected, the Last Modified and Last Access Dates of the file are changed to the date when redaction was performed. The DSI captures the event details by displaying whether this feature is enabled or disabled. 
  • Supported file extensions: ZIP, MSG, PDF, PPTX, TXT, XML, XLS, XLSX, ACCD, DOC, DOCX, PPT, MDB, RTF, CSV, VSDX, VSD, OOXM


Note: Certain file types, like Visio diagrams, cannot be redacted unless an appropriate editing software is installed on the same device as the redaction agent.

Delete

Select this checkbox to delete the file as part of your remediation.

Do Nothing

Select this checkbox to perform no actions on the file.


Pre Command

This panel allows you to input a pre-processing command in the Command field that can be executed on the targeted file(s). PK Protect will substitute any instance of `%FULLPATH%`, `%DIRECTORY%`, `%FILENAME%`, and '%BASEDIR%' in single-line commands with the respective details of the processed file. These four variables are passed as parameters in multi-line commands, in the order listed above. This panel consists of the following configurations.

  • Classification SISL : Input the classification SISL script in this field to place a PKWARE classification label on a file before it is encrypted. The SISL can be found from Power Classifier for Files. Ignore Filesystem Events: On checking this checkbox, the discovery engine will ignore the changes made to the file by Pre-Encryption Command.

Post Command

This panel allows you to input a post-processing command in the Command field that can be executed on the targeted encrypted file(s). PK Protect will substitute any instance of `%FULLPATH%`, `%DIRECTORY%`, `%FILENAME%`, and '%BASEDIR%' in single-line commands with the respective details of the processed file. These four variables are passed as parameters in multi-line commands, in the order listed above.

  • Classification SISL : Input the classification SISL script in this field to place a PKWARE Classification label on an encrypted zip file.






JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close