Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureData Guardian

121

122

123

124

125

126

127

128

129

130

Manage Policies

120

Return to top

Configure Access Groups

IT best practices should be followed during deployment. This includes, but is not limited to, controlled

test environments for initial tests, and staggered deployments to users.

1. Enable Data Guardian Access Groups

and, optionally, Auto access for swept files.

Important: Currently, if you enable Access Groups, you cannot disable it.

2. If you have not yet created user groups for this feature, see Add a User Group.

3. In User Groups, select a group.

4. On User Group Detail, select the Details and Action tab.

5. Click the check box for Access Group Enabled.

Note: You can also modify the group members, remove the group, or clear the Access Group

check box.

With Access Groups enabled, the Protected File Access screen allows internal users to select one or

more access groups or add an individual when sharing a protected file. External users who own a

document can share it with individual users but not access groups. This is available on Windows, Mac,

mobile, and web portal. For more information, see the Data Guardian User Guide.

Return to top

Disable Auto access for swept files (Windows and Mac)

If you have a transitional period, when it is complete, clear the Auto access for swept files check box.

Be aware of the following for an enterprise that already had Data Guardian installed on Windows or

Mac.

Internal users in access groups

Pre-existing encrypted files created

before Access Groups

New files created after

were enabled

Force-protected mode

Force-protected mode - files that Data Guardian swept

• Force-Protected sweep (Office documents, PDFs)

• Basic File Protection sweep (additional file types)

Internal users within the access group do not have automatic

access.

• Owner of the file can grant protected access.

• Users with a protected file can request access.

In the Management Console, if needed, you can revoke key

access that has been granted.

Note: During the transitional period when Auto access for

swept files was enabled, if a user within the access group

opened the file, that user has permanent access, and you

cannot revoke key access.

Internal users within the access group ha

protected files.

•

If someone is removed from

access.

•

If the owner of a file leaves th

still have access.

Opt-in mode

Opt-in mode - files that Data Guardian swept

• Secure documents folder sweep

• Basic File Protection sweep (additional file types)

•

TITUS classification (Windows)

Same as above.