Data Automation Rules

Whether for compliance or competitive reasons, organisations often need to take action based on documents of special interest.

• Documents that contain personal data restricted under GDPR? - Don't allow them to be shared!
• Sales contracts reference obsolete SKUs? - Notify the the legal team and move them to quarantine!
• Files containing the name Ernie Madeoff? - Send email to the finance director!

An administrator can pre-configure actions to be automatically performed when different types of content are detected. For example, an email could be sent, or a file moved or restricted based on the detection of personal data.

Applies to:

• Enterprise File Fabric Appliance [Add-On] (since v1808)

See Also:

• Content Discovery and DLP
• Content Discovery Administration

For data automation rules to be enabled the Content Discovery module must be enabled, and providers configured for content search. For more information see Content Discovery.

The Data Automation Rules configuration page is accessed from the Organization menu by users with the Administrator role.

An automation rule consists of an event, a condition and one or more actions.

Choose “Create Rule” to create an automation rule.

The only event currently supported is “Content is detected in a file”. It’s triggered when content of interest is detected in a file that is uploaded or moved.

You may create multiple automation rules with the same event type. Typically they will have different conditions but this is not required.

For a content detection event the condition is a Content Detection Category. For example “GDPR” or “North America - National Identifiers”. The condition is true (and the action will be executed) if content has been detected by a content detector that is included in the selected Content Detection Category.

Select Create Rule to begin adding actions.

You may create many actions for each automation rule.

The following actions are supported:

• Email members of a role
• Send an email to an email address
• Disable file url creation
• Move the file to another folder

This action immediately sends a notification by email to members of a role.

Configuration

• Choose one role (drop-down)
• Choose to only send to members to have access to the file

An email like the following will be sent when matching content is detected:

This action allows the event to notify a single email address.

Configuration

• A valid email address.

This action prevents the file being shared through the creation of shared links.

Configuration

• Optionally disable shared links that have already been created.

This action moves the matched file to a nominated folder. This could be used to quarantine files that may contain sensitive data, or classify files based on specific content. Only one move to folder action is allowed per Content Detection Category.

Configuration

• Choose folder from dialog (folder must exist or can be created from dialog)
• Optionally disable shared links that have already been created.

A suffix is added to the file as it is moved which includes the date and time. This prevents subsequent updates overwriting the quarantined version. An additional optional suffix may also be added. File extensions are preserved.

For example, with an provided suffix of “_ContainsSSN” the new name for:

CreditApplication.pdf

would be:

CreditApplication_ContainsSSN_2018-08-20_22-08-24.pdf

Email notifications use the new generated file name and folder location.