AvePoint Compliance Guardian€¦ · Create a Compliance Scan Plan for SharePoint/SharePoint Online...

A comprehensive risk management solution ensuring information is available and accessible to the people who should have it and protected

from the people who should not.

AvePoint Compliance Guardian

Contents

Compliance Scanner ...................................................................................................................................... 3

Create a Compliance Scan Plan for SharePoint/SharePoint Online .......................................................... 3

Create a Compliance Scan Plan for File Systems ...................................................................................... 5

Create a Compliance Scan Plan for Web ................................................................................................... 6

View Compliance Reports ............................................................................................................................. 9

Classification Scanner ................................................................................................................................. 11

Create a Scheduled Classification Plan for SharePoint/SharePoint Online ............................................ 11

Create a Scheduled Classification Plan for File Systems ......................................................................... 13

Apply Real-Time Classification Rules for SharePoint .............................................................................. 15

Apply Real-Time Classification Rules for Yammer .................................................................................. 16

View Classification Reports ......................................................................................................................... 17

View Action Report ................................................................................................................................. 17

Manage Files in Incident Manager .......................................................................................................... 18

View Yammer Report .............................................................................................................................. 20

2 AvePoint Compliance Guardian Quick Start Guide for Business Users

AvePoint Compliance Guardian Quick Start Guide for Business Users 3

In this document, we will introduce how to configure scan plans with Compliance Guardian and how to

read the dashboard reports.

Compliance Scanner The Compliance Scanner is used to scan content using defined business rules in a policy, and generate a

compliance report of all of the scanned files.

Create a Compliance Scan Plan for SharePoint/SharePoint Online 1. In the Compliance Guardian Scanner Home interface, select Create on the ribbon. A drop-down

list appears. Select SharePoint from the drop-down list, and you will be brought to the

Compliance Guardian Scanner SharePoint/SharePoint Online Mode.

2. After selecting the SharePoint/SharePoint Online scope for the compliance scan, select Plan

Builder on the ribbon of Compliance Scanner page. From the drop-down menu, select Wizard

Mode for step-by-step guidance during configuration, or select Form Mode (recommended for

advanced users only) to set up a plan quickly. Take the wizard mode for example.

3. Enter a Plan Name and an optional Description if desired. Select Next. The Report Settings page

appears.

4. Select a database policy from the Database Policy drop-down list to store the result data of the

Compliance Scanner job.

5. Select Compliance Guardian groups from the Report Group drop-down list. All of the users in

the specified groups will be able to view and download the reports in the Compliance Report

module. Click Next. The Scan Settings page appears.

6. Select a scan policy from the Scan Policy drop-down list and it will be used to scan the contents

in the specified scope.

7. Select whether scan user or system content in the specified scope

8. Specify only scan the current version of the files/items, or all the versions.

9. Specify a filter policy to filter the contents that will be scanned.

10. Specify whether to send an e-mail alert when an unsupported type of embedded file is found.

An embedded file is one file that is inserted to another file.

11. Configure schedule settings to run the scan job once and immediately or based on a schedule. In

the Options section, select a scan type, Full Scan or Incremental Scan from the drop-down list.

12. In Advanced settings, select the Compliance Guardian agent group that will perform the


13. Select an e-mail notification profile from the Select a profile with address only drop-down list to

notify stakeholders when the job finished.

14. Click Next and review your plan settings. Select Finish to save the configuration of the plan

without running it or Finish and Run Now to save the configuration and then run the saved plan

immediately.


Create a Compliance Scan Plan for File Systems


1. In the Compliance Guardian Scanner Home interface, select Create on the ribbon. A drop-dow n

list appears. Select File System from the drop-down list, and you will be brought to th e

Compliance Guardian Scanner File System Mode.

2. Select the file share connections for the compliance scan, select Plan Builder on the ribbon of

Compliance Scanner page. From the drop-down menu, select Wizard Mode for step-by-step

guidance during configuration, or select Form Mode (recommended for advanced users only) to

set up a plan quickly.


appears.

4. Select a database policy from the Database Policy drop-down list to store the result data of the







7. Select whether or not to scan the hidden files in the specified file system.

8. Specify a filter policy to filter the contents that will be scanned.

9. If you want Compliance Guardian to send an e-mail alert when an error occurs during the file

scan, then select an e-mail profile to specify the users who will receive the e-mail, and select an

e-mail template.

10. Configure schedule settings to run the scan job once and immediately or based on a schedule. In

the Options section, select a scan type, Full Scan or Incremental Scan from the drop-down list.

11. In Advanced settings, select an e-mail notification profile from the Select a profile with address

only drop-down list to notify stakeholders when the job finished.



immediately.

Create a Compliance Scan Plan for Web 1. In the Compliance Guardian Scanner Home interface, select Create on the ribbon, and a drop-

down list appears. Select Website from the drop-down list, and you will be brought to the

Compliance Guardian Scanner Website Create Plan interface.

2. Enter a URL in the Start From box, Compliance Guardian will scan the objects from this URL.

Optionally, you can select to use the Compliance Guardian Transaction Capture tool to save a

transaction file, and select the Use Compliance Guardian Transaction Capture. Export the

following transaction file for the scan radio button in this interface to import a transaction file,

then the recorded URLs in the transaction file will be the start URLs.

3. Specify the depth level needed to crawl in Maximum Depth.

4. Specify the maximum pages allowed to crawl in a single job in Maximum Page.

5. Specify a filter policy to limit the scope of the scan job.

6. Select whether or not to follow Robot Exclusion Protocol. By default, the checkbox is selected,

which means that Compliance Guardian will not crawl any link that is forbidden to access in

Robot.txt.

7. Specify a scan policy for scanning the defined site.

8. Select the saved user agent profile from User Agent dropdown list to specify the user agent for

the backend web server when scanning the website.

9. Select the Authentication Profile used to connect to the website from Authentication Method

dropdown list.

10. Specify the maximum concurrent threads that can be used during the crawling job for the scan

in Maximum Concurrent Threads.

11. Specify the maximum time of one entire scan job in Time Out of One Scan. The default value is

24 hours.

12. Specify the maximum time of waiting for a response from a link before skipping it during a crawl

in Time Out of Link. The default value is 100 seconds.

13. Select whether or not to crawl the data that are loaded dynamically using JavaScript in Enable

Headless Browser. If you select Yes, then specify the delayed time to wait for loading data in a

webpage.

14. Select a database policy from the Database Policy dropdown list to store the scan job data.





module.

16. Enter a Plan Name and an optional Description for this plan.

17. Choose whether or not to receive the job report after a scan job finishes. If you want to receive

the job report, select the checkbox before E-mail me the job report and scan results, and then

select a notification profile.

18. Click Save to save the configuration of the plan without running it or Save and Run Now to save

the configuration and then run the saved plan immediately.

View Compliance Reports 1. In the Compliance Reports interface, select Scan Policy Filter at the top-right corner of the page.

A drop-down list appears.

2. Choose a scan policy from the drop-down list, select the plans containing the scan results you

want to view, and then click OK under the drop-down list. The scan results of the latest job

cycles of those selected plans will be displayed in different kinds of compliance reports in the

Compliance Report module.

3. If you want to save your selection as default, after you select the desired plans, select Save As

Default before selecting OK under the drop-down list. The next time you login to Compliance

Report, the scan results of the desired plans will be displayed. You can change your selections,

but after you select Default View, the scan results of the desired plans will also be displayed.

4. On the Compliance Reports dashboard you can view different types of reports according to your

business needs. The reports include scan results, risk report, data table report, file errors report,

file type report, PDF exception report, link validation report, page title report, information

painter report, and violation report.

5. Click Trend Report to get historical compliance analysis of you IT environments.


6. Navigate to Report > Human Auditor, after a human review, select the file that you want to

change scan result and click the icon in the Change Status column to change the check status

and recalculate the compliance report.

7. Select Ignore this file until the file or policies change to override the system.


Classification Scanner The Classification Scanner is used to scan and classify content, and then perform appropriate actions to

change permissions, move, delete, block, quarantine, encrypt, or redact content based on the

classification results.

Create a Scheduled Classification Plan for SharePoint/SharePoint Online 1. In the Classification Scanner interface, select Scheduled Classification Scanner tab on the ribbon.

Click Create and select SharePoint from the drop-down list, then you will be brought to the

Scheduled Classification SharePoint/SharePoint Online Mode.

2. In the Plan Builder wizard, select the SharePoint/SharePoint Online nodes from the left panel to

define the content scope you want to scan.

3. Enter a Plan Name for the plan and an optional Description. Click Next, the Report Settings

screen appears.

4. Select a report database from the Report Database dropdown list for storing the job result.


the specified groups will be able to view and download the reports in the Classification Report


6. Select an action policy from the Action Policy drop-down list to define the actions to the content

that will be scanned out.

7. Select a scan policy from the Scan Policy drop-down list to define the scan rules for scanning

content.

8. Specify to only scan the current versions of files/items or all the versions.

9. Specify to send an e-mail alert when an error occurs during the process of scanning a file or

when a tag fails to be added to a file.

10. Click Next, the Schedule screen appears. Configure schedule settings to run the scan job once

and immediately or based on a schedule. In the Options section, select a scan type, Full Scan or

Incremental Scan from the drop-down list.

11. Click Next, the Advanced screen appears. Select a Compliance Guardian agent group to run the

Scheduled Classification Scan Plan.


12. Select a Notification Profile from the Notification drop-down list to send emails to stakeholders

when the scan job finished.



immediately.


Create a Scheduled Classification Plan for File Systems 1. In the Classification Scanner interface, select Scheduled Classification Scanner tab on the ribbon.

Click Create and select File System from the drop-down list, then you will be brought to the

Scheduled Classification File System Mode.

2. Select the file share connections for the compliance scan, select Plan Builder on the ribbon of

Compliance Scanner page. From the drop-down menu, select Wizard Mode for step-by-step

guidance during configuration, or select Form Mode (recommended for advanced users only) to

set up a plan quickly.


appears.

4. Select a report database from the Report Database drop-down list for storing the job result


the specified groups will be able to view and download the reports in the Classification Report


6. Specify a filter policy from the File Policy dropdown list to filter the contents that will be

scanned and limit the scope of the job.



8. Select whether or not to scan the hidden files in the specified file system.

9. If you want Compliance Guardian to send an e-mail alert when an error occurs during the file

scan, then select an e-mail profile to specify the users who will receive the e-mail, and select an

e-mail template.

10. Select an action policy from the Action Policy drop-down list to define the actions to the content

that will be scanned out.

11. Click Next, the Schedule screen appears. Configure schedule settings to run the scan job once

and immediately or based on a schedule. In the Options section, select a scan type, Full Scan or

Incremental Scan from the drop-down list.

12. Click Next, the Advanced screen appears. Select a Notification Profile from the Notification

drop-down list to send emails to stakeholders when the scan job finished.




immediately.


Apply Real-Time Classification Rules for SharePoint 1. On the Real-Time Classification Scanner Home interface, select Create on the ribbon. A drop-

down list appears. Select SharePoint from the drop-down list to enter the Real-Time

Classification SharePoint Mode.

2. Select the SharePoint nodes from the left panel to define the content scope you want to scan.

3. Select Create Rule from the Rule Management group on the ribbon.

• Select a report database from the Report Database dropdown list for storing the Real-

Time Classification Scanner result.

• Select the report groups. Users in the specified groups have permission to the

corresponding reports.

• Select a scan policy from the Scan Policy drop-down list to define the scan rules for

scanning content.

• Select an action policy from the Action Policy drop-down list to define the actions to the

content that will be scanned out.

• If you want Compliance Guardian to send an e-mail alert when an error occurs during

the scan, then select an e-mail profile to specify the users who will receive the e-mail,

and select an e-mail template.

• Select a filter policy from the Filter Policy drop-down list to limit the scope of the job.

4. Click Apply to apply the rule and job configurations.


Apply Real-Time Classification Rules for Yammer 1. On the Real-Time Classification Scanner Home interface, select Create on the ribbon, a drop-

down list appears. Select Yammer from the drop-down list to enter the Real-Time Classification

Yammer Mode.

2. Select the SharePoint node where the AvePoint Yammer Connector web part has added from

the Scope panel on the left.

3. Select Create Rule from the Rule Management group on the ribbon and configure the following

rule settings:

• Select a report database from the Report Database drop-down list for storing the Real-

Time Classification Scanner result.

• Specify an Export Location for the blocked attachments.

• Select Compliance Guardian groups from the Report Group drop-down list. All of the

users in the specified groups will be able to view and download the reports in Yammer

Report.

• Select a scan policy from the Scan Policy drop-down list to define the scan rules for

scanning Yammer content.

• Specify whether to send an e-mail alert when an error occurs during the process of

scanning the Yammer content. If you choose to send out alert e-mails when an error

occurs, select an e-mail profile, and an e-mail template. The alert e-mail will be sent to

the recipients configured in the selected alert notification profile.

4. Click Apply to apply the scan rules and plan configurations to your Yammer environment.


View Classification Reports The Classification Report area includes Action Report, Incident Report, and Yammer Report. It is used to

view the report results of the files affected by Classification Scanner actions, as well as provide

operations to the quarantined files, redacted files and encrypted files.

View Action Report 1. Select Action Report in Classification Report to access the Action Report interface.

2. Select a risk formula that will be used to calculate the risk scores of a file from the Specify a risk

formula to calculate the risk scores drop-down list.

3. In the Specify the range of risk levels area, specify the risk level range by specify two values. The

files whose risk scores are lower than the value you specified to the left of Medium Priority are

considered with the low risk priority. The files whose risk scores are greater than the value you

specified to the right of Medium Priority are considered with the high priority. The files whose

risk scores are between the two specified values are considered with the medium priority.

4. Select Start Action Report to start the Action Report. The SharePoint farm and File Systems that

have been scanned will be loaded on the left pane of the Action Report interface.

5. Select the desired nodes under SharePoint and File System, the corresponding action report of

the files related to the selected nodes will be generated.

6. Select a time range in the Time Range field, the file in the specified time range will be displayed

in the action report.

7. Select Show Report. The action report will be displayed on the right pane of the interface.

8. The Action Report contains three sections, Action Overview, Classification File Risk Statistics,

and Reports.

9. Click Trend Report to view historical analysis of your Yammer environment.

10. Select Export to Screenshot at the top-right corner to export the report to a picture.


Manage Files in Incident Manager Incident Manager allows you to manage and performed some specified actions to the quarantined files,

encrypted files, and redacted files.

1. Select Incident Manager in Classification Report to access the Incident Manager interface.

2. In Quarantine Manger,

• Select the file, and then select Manage Content above the table.

• Select Download to download the file and make edits.

• Select Upload to upload a file.

• Select Restore to restore the quarantined files.

• Select Delete to delete the quarantined files.

• Select Export to Datasheet to export the general information of all of the quarantined

files to CSV files.

3. In Encryption Manager,


• Select Download to download the file and make edits.


• Select Decrypt to decrypt the encrypted files.

• Select Delete to delete the encrypted files.

• Select Export to Datasheet to export the general information of all of the encrypted files

to CSV files.

4. In Redaction Manager,


• Select Download to download the original file before redact and make edits.


• Select restore to restore the original file and replace the reacted file.

• Select Delete to delete the original file.

• Select Export to Datasheet to export the general information of all of the original files to

CSV files.


View Yammer Report 1. Select Yammer Report in Classification Report to access the Yammer Report interface.2. Select a scan policy, and then select Show Report in the left pane. The scanned results based on

the selected scan policy will be displayed on the right Dashboard pane of the Yammer Reportinterface.

3. The Dashboard includes three parts, Blocked Post Report, Folksonomy Report, and Tagged FilesReport.

4. Select Export to Screenshot at the top-right corner to export the report to a picture.


Accessible content available upon request.

AvePoint Compliance Guardian€¦ · Create a Compliance Scan Plan for SharePoint/SharePoint Online...

Documents

Transcript of AvePoint Compliance Guardian€¦ · Create a Compliance Scan Plan for SharePoint/SharePoint Online...