Remediation actions, defined in the following table, are responsible for configuring the order of Smart Filter Bundle(s) tied to specific remediation options. The remediation actions table is a place to view, add, edit, and delete remediation actions that can be tied to assignments and lockers. Details provided in the table include the name, comment, Smartkey, encryption option, report option, and delete option.
Adding Remediation Actions
A name for remediation that should be somewhat descriptive
A full description of all remediation steps that take place
Report Discovery Events
Report to the PEM Administrator when a discovery event is triggered
|If this box is checked, the client will attempt to decrypt the encrypted file. This is one of the first actions that takes place, therefore succeeding remediation actions below can take place on the unencrypted file.
If this box is checked, Microsoft Information Protection (MIP) can be used as a remediation option. An application configuration from the MIP/Applications page must be selected for the local PKWARE agents to communicate to the local Unified Labeling clients for labeling with MIP.
Reporting: Check or uncheck options for successful or unsuccessful labeling operations that are reported to the PKWARE PEM Administrator
Label: A label that will be applied for the remediation must be selected from the "Label" dropdown. Labels in this dropdown are populated from the MIP/Labels page.
Justification: Text that can be supplied to the local Unified Labeling Client when an MIP label is applied to the file.
Remove Label: Removes the MIP label from the file as a remediation.
If this box is checked, Encrypt for remediation encrypts a file. When Encrypt is checked, options for Keys, Compress, Report Successful Encryptions, Report Encryption Failure, and Post Encryption will appear.
Report Successful Encryptions
If this box is checked, any triggered successful encryption events will be reported to the PEM Administrator
Report Encryption Failures
If this box is checked, any triggered encryption failure events will be reported to the PEM Administrator
Select Smartkey(s) from the drop-down menu to encrypt the file associated with the remediation. Community keys, shared Smartkeys, and private keys. Leaving the text entry for Key(s) blank will automatically select private keys.
|If this is checked, Classification (SISL) will appear as a remediation for pre- and post-encryption.
|Report Successful Classifications
If this box is checked, any triggered successful classification events will be reported to the PEM Administrator
|Report Classification Failures
If this box is checked, any triggered classification failure events will be reported to the PEM Administrator
Check this box to allow users within scope to compress on files. If a file is triggered, the file will be compressed before encryption.Uncheck this box to not allow users within scope to compress files. If a file is triggered, the file will not be compressed before encryption. This could lead to faster encryption times for end users.
If this box is checked, Redaction for remediation Redacts file content.
|Report Successful Redactions
|If this box is checked, any triggered successful redaction events will be reported to the PEM Administrator
|Report Redactions Failures
|If this box is checked, any triggered redaction failure events will be reported to the PEM Administrator
|Redaction Smart Filter Bundle
|Use the drop-down menu to select the Smart Filter Bundle to perform redaction on.
If this box is checked, PK Protect will delete the file triggered for remediation
If this box is checked, no remediation will take place on the triggered file
|Pre Encryption - Classification (SISL)
|Input the classification SISL here to place it on a file before it is encrypted. The SISL can be found from Power Classifier for Files.
Pre Encryption - Command
Pre-processing command to run on the targeted file(s).
PK Protect will substitute any instances of `
These four variables are passed as parameters In multi-line commands, in the order listed above
Pre Encryption – Ignore Filesystem Events
If this box is checked, changes to the file from the Pre-Encryption Command will be ignored by the discovery engine.
|Post Encryption - Classification (SISL)
|Input the classification SISL here to place it on the encrypted zip. The SISL can be found from Power Classifier for Files.
Post Encryption - Command
Post-processing command to run on the targeted encrypted file.
PK Protect will substitute any instances of `
These four variables are passed as parameters In multi-line commands, in the order listed above.