DLP and File Management Glossary

Follow

This document is an overview of BetterCloud’s lexicon for data loss prevention (DLP) and file management.

Files Grid

Asset - Any file or folder within the Files Grid. Assets can also refer to Calendars, Groups, Drives and other metadata of ingested items.

Date Created - When a file/folder was first created (column is hidden by default).

Document ID - Unique document identifier defined by integration (column is hidden by default).

File Type - Determined by the file’s extension (e.g. .gif) or its parent application (Google Docs). This relates to the “Type” variable in Alerts.

Integration - The name of the application connected into BetterCloud, as defined when first installing the application into BetterCloud (can also be changed by selecting the integration via Integration Center > Installed).

Last Updated - When a file was last altered and/or saved.

Location - Used to denote if a file in 365 is saved to OneDrive or SharePoint (column is hidden by default).

Name - The filename or folder name as it appears in the parent application, most often found when browsing the file directory or when searching for the specific file/folder.

Owner - The user (or site) associated with mastering the file/folder. Oftentimes, this is the creator of the file/folder, however, ownership may be transferred.

Owner ID - A BetterCloud assigned value for the file/folder’s Owner (column is hidden by default).

Path - For applications that support it, Path allows you to see where in the directory a file/folder is housed (column is hidden by default).

Permissions - Access level of an asset, or the visibility provided to a file/folder.

Unshared - A private file/folder only owned and visible to the file/folder owner. The lone exception is 365, which considers a file “unshared” if a sharing link has not been created.

Internal - Direct Share with User - Content explicitly shared with another, internal employee. Hidden from anyone who has not explicitly been given permission to the file/folder.

Internal - Anyone in Domain with Link - Any internal employee with a link to the file/folder can access this content. It is hidden from all who do not have the link to access  the content.

Internal - Anyone in Domain - Any internal employee can find the file/folder, regardless if they have been shared explicitly or have a link. A search of all internal content will return this file/folder for the employee.

External - Link Share with User - Specifically for OneDrive and SharePoint. A file has been explicitly shared with specific, external users at a named domain (ex. john.doe@microsoft.com or jane.smith@gmail.com). Access provided via a single, unique link, accessible to the external user when they’re logged into their account. Depending on how sharing was done by the owner/sharer, internal employees may also have access via this link.

External - Direct Share - A file has been shared explicitly with an external user or shared with a user outside of your Managed users list (ex. john.doe@microsoft.com or jane.smith@gmail.com). 

External - Direct Share with External Domain - Shared explicitly with an external domain (note: this permission can only be added via API for Google Drive).

Public - Accessible via Link - Anyone with the link or (when applicable) people with the link and password have access to this content. This does not need to be a name domain but instead can be sent to anyone via services such as Gmail, Outlook or Yahoo. No way to track who has access to the file.

Public - Accessible via Search Engine - No restrictions. File/folder is crawled by search engines and can be found within public search results. Users can view the file anonymously. No way to track who is able to find this file.

Shared With - Provides internal, external, and public names of accounts who have access to the file. For applications like Office 365, if the file/folder has been provided with an external sharing or public sharing link, it will also display this information.

User(s) - Internal users known to BetterCloud, associated with the primary domain.

Other(s) - Any other users, on subdomains, external or public domains.

Group(s) - Most commonly associated with Slack (Channels) and SharePoint Online.

Content Scanning Terms

Cancel Scan - Canceled scans cannot be resumed, however the completed files will still show in the Completed Scans tab. 

Custom Data - Allow you to set up Regular Expressions (REGEX) and Keywords as part of a content scan.

Custom Scan - A new scan created from scratch.

File Audit - Looks for sensitive data via the “Scans” section, under the Files heading. Provides you the ability to scan all files from all integrations, or set parameters for the scan (definitions of parameters below).

Go-Forward Scan - Looks for sensitive data only in files that are newly created or edited from the time the policy is created, on. Will not retroactively look for sensitive data or violations of policies (these should be remedied with File Audits or Targeted Content Scans).

Keywords - Plain text entries, allowing you to search for specific phrases in content. These can be single or multiple words, separated by commas.

Pre-Defined Data - A preset library of terms, broken up by Category and Data Type.

REGEX - A sequence of characters that define a search pattern. You are able to save up to 15 REGEX patterns, banking them for future scans.

Saved Scan - A previous scan with saved scan criteria. Saved scans can be used as editable templates for new scans.

Scan Criteria - Preset data types, custom regular expressions,  or custom keywords chosen by the user.

Scan In Progress - Scans that are still running. A status bar shows how many files have been scanned and how many are left. Some scans may take longer than expected depending on the content.

Targeted Content Scan - Files selected from the Files Grid to be scanned for sensitive data. Up to 100 files can be selected. A scan is then run by clicking Actions and selecting “Scan Content,” defining the terms of the scan. Formerly called "Select Scan."

Terms Within the File Audit and Targeted Content Scan Windows

Category - Classification of data types. These include Financial, General PII, Government, Health, Other and Security.

Data Type - Terms and keywords to be scanned, organized into libraries (including U.S. Social Security Number, Credit Cards, U.S. Passport, Access Codes and other sensitive information terms).

File Owner - The user (or site) associated with mastering the file/folder. Oftentimes, this is the creator of the file/folder, however, ownership may be transferred.

File Size - Document size must be less than 50MB, and extracted text must be no greater than 500kb.

Integrations - The application(s) you’d like to evaluate during the scanning process.

 

Permissions

Public - Any file that can be found via a search engine or has been shared with a public email address.

External - Any file that can be accessed by users at named domains (ex. microsoft.com). This excludes publicly accessible domains like Gmail or Yahoo. For 365 files in SharePoint, nearly all files are considered External because a Visitors group is added to all SharePoint sites.

Internal - Files accessible only to people within your organization. Assets will include internal collaborators as well as private files with no collaborators.

Regional Format - Country associated with the content type (General is also an option).

Scan Name - Way to identify your scan during its run and after its completion.

Shared With - A domain or specific user account to be named, matching all files that have been shared with this user.

Supported File Type - PDF, CSV, DOC, DOCX, PPT, PPTX, XLS, XLSX, TXT, Google files (Docs, Sheets, Presentations, Drawings).

Terms Within the Scan Results

Exceeds Character Limit - A file can contain a maximum of 500,000 characters.

File No Longer Exists - File was deleted after the scan began taking place.

File Unavailable from Provider - File may no longer be available from the provider. 

No Response - The provider took too long to respond.

Passed - No sensitive data was found in the file.

Unable to Scan - Scanned asset may have been a folder, too large or an unsupported file type.

Unknown Error - Please contact customer support as they will be able to provide finer details on the cause of the scanning error.

Violation - Positive scan results that matched the criteria of the scan.

 

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request