Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureData Guardian

121

122

123

124

125

126

127

128

129

130

Manage Policies

118

o Enterprise_has_Data_Guardian_Installed - Instruct users to process shared, encrypted

files.

• Configure Access Groups

• Disable_Auto_access_for_swept_files

Set up Access Groups

Analyze which users to include within each access group based on which users need to share or

collaborate on documents. You can create groups before or after enabling Access Groups in the

Management Console.

To set up groups, see Add a User Group

For Access Groups, you can configure the following:

• Import existing AD groups, for example, an accounting or legal group that shares files.

• Select ADMIN-DEFINED User Groups for cross-functional teams of managed users and any

external users that share or collaborate on files.

Note: When defining new groups, be sure to use descriptive names. On the client side, users will

be selecting some of these groups.

• After you add the user group, you can select that group, select the Details and Action tab, and

enable Access Groups for a single group or a combination of groups.

Also consider the following:

• Develop a plan for adding and removing users from a group if internal users join or leave the

enterprise.

• As a best practice, stagger deployment of Access Groups to user groups.

Note: Access groups should be specific groups within the enterprise, not the entire enterprise.

Return to top

Enterprise does not yet have Data Guardian

If you do not yet have Data Guardian installed, develop a plan for implementing access groups and

creating a smooth transition for users who have shared files.

Determine a transitional time range for deployment

Initially, enable Access Groups and Auto access for swept files for a transitional period. This should be a

brief time but long enough for user files to be swept. In the transitional period, allow enough time for the

following:

• Determine or estimate the quantity of documents that users have. Allow enough time for Data

Guardian to sweep unprotected files. A sweep occurs with the following:

• If you enable Force-Protected mode (Office documents and PDFs) or Basic File

Protection (additional file types), all those unprotected files are swept.

• Opt-in mode - A sweep only occurs for Content Based Protection (Windows only),

TITUS Classification (Windows only), or Basic File Protection (additional file types).

• Users must log in to their computers while Access Groups and Auto access for swept files are

enabled. Be sure to allow for users who are out of the office or on vacation.

Instruct users to process shared files