Skip to main content

Protection Policies

The File Protection Policies contain information pertaining to policy actions and are selected by a Target. This is a one-to-many relationship, where a single File Protection Policy can be selected by many Targets. To access Protection Policies page, go to Policies > Protection Policies. This displays File Protection Policies panel which lists down all the policies defined.

Following actions can be performed on each File Protection Policy.

  1. Edit – Allows you to edit the information of the selected file protection policy.

  2. Delete – Click this button if you want to delete the selected file protection policy.

  3. Clone – Allows you to copy the configuration of an existing file protection policy which can be edited without impacting the original one.

 

The File Protection Policies panel displays the list of all file protection policies defined in PEM Administrator. Following is the description of the columns.

Column Name

Description

Name

This field displays the name of the file protection policy.

Enabled

This field displays whether the file protection policy is enabled for selection within targets.

Platform

This field display the platform for which protection policy is defined. There are three supported platforms i.e., Windows, MacOS, Cloud, AIX, Solaris and Linux.

Updated At

This field display the date when File Protection Policy was updated.

 

To Add a File Protection Policy

To add File Protection Policy, the following attributes needs to be configured:

image-20240306-062821.png

Attributes

Description

Name

Enter the name of the file protection policy.

Comment

Enter any additional information in this field, if required. 

Enabled

By default, this option is selected.

Platform

There are different platforms on which File Protection Policy are supported i.e., Windows, Linux, Cloud, Solaris, AIX and OSX. Select Cloud to scan M365 cloud repositories.

File Filter

Select the desired file filters from the drop-down. The file filters are created in the File Filters tab that can be accessed through Advanced > File Filters.

Priority File Filter

Select the desired priority file filters from the drop-down. These file filters are created in the File Filters tab that can be accessed through Advanced > File Filters. These allow customers to prioritize file extensions and paths inside a target.

Report Compliance and Status

Checking this option will communicate the status to PEM Administrator, which in turn generates a report whether the PEM Agent has received latest policy change or not. By default, this option is selected.

Report Advanced Attributes

This option provides additional properties for MS file types when the discovery task is triggered. Advanced attributes include file Created Date, Created By, and Last Saved Date. Last Saved is reported to DSI when applicable.

Image Discovery

Selecting this option allows agents to discover the sensitive information in the supported image file types.

Archive Options

To enable the archive options for File Protection Policy, check the Archive Options. When enabled, it displays following options: 

  • Extensions - This field displays the file extensions that would be processed.

  • Depth - Indicates the number of archive levels a target should executed in. For example, if you wish to scan a file that is in an archive, and that archive exists inside another archive, the appropriate depth level should be defined as a 2.

  • Preserve Signatures - This preserves the original signatures of an archive when the target discovers or remediates file.

  • Exact Single File Archives Modified By Remediation Actions - if checked, when a single file archive is remediated, the underlying file will be extracted on disk and the original zip file is deleted. By default, this option is selected. If unchecked, the archived file will remain intact and is remediated.

  • Process Encrypted - If checked, the agent will scan encrypted files within an archive. With this box checked, if there is a remediation action that modifies the file, the file will remain decrypted unless the “encrypt” action is selected as part of the remediation action.

Actions

The File Protection Policy uses discovery to scan the content of a file to determine whether it should be remediated. The content of file can be remediated as per the action specified in the File Remediation Actions column. To add multiple filter bundles in the Actions panel, click Add button. Similarly, you can delete a filter bundle by clicking Delete button.  

Following fields are displayed in the Actions panel:

  • Filter Bundles - This field lists all filter bundles defined in the Discovery Filter Bundles screen. These bundles are used for scanning the sensitive data within a file. The Advanced Definition feature can be used with discovery filter bundles.

  • MIP Azure Label - This field lists all MIP labels defined in the MIP screen. This feature discovers a specific MIP label based on the selection.

  • Access Bundle -This field lists down all the bundles defined in the Access Bundle screen. This feature allows you to scan the access permission rights for any file based on the set of rules defined in the Expression field of the Access Bundle screen. Currently, Report Discovery Events remediation action is applicable for access bundles. 

  • File Filter - The drop-down displays all the file filters defined in the File Filters screen that can be accessed via Advanced > File Filters. This feature allows you to scan or skip only file extensions and paths which are specified in the filter.

  • File Remediation Action - This field displays list of all remediation actions that can be applied on to a file. The order of remediation action is important as PEM Agent and PK Protect for M365 will processes the remediation actions list from top to down.

 Once you have configured all the settings, click Save button to make the changes effective else click Cancel

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.