Connecting with Data Owners
Before installing the first policy, send an email to Data Owners:
- Explain the Data Owner responsibility for protecting data.
- Provide an example of automated notification and discuss corporate guidelines for responding to incidents.
- Ask the Data Owners to provide the Data Types that they want protected and any exceptions.
- Decide ahead of time what exceptions you do not want to allow. For example, you can create a corporate DLP guideline that no one sends protected data to home email addresses. Organization-wide guidelines prevent conflicts if a Data Owner makes a request that is not good business practice; you can direct the Data Owner to the guidelines, rather than redirecting the request personally.
If you notify the Data Owner every time an incident occurs, it can overwhelm the person and reduce the effectiveness of the system. On the other hand, you must notify the Data Owner often enough. Strike a balance. The notification system must help Data Owners maintain control over their data and help resolve issues of possible leakage.
Rule Action | Recommendation for Data Owner Notification |
---|---|
Detect | In general, you should not notify Data Owners for Detect rules. |
Inform User | Sometimes Data Owners want to know what data is sent out, but are not ready to delay or prevent the transmission. Notification of these incidents depends on the needs of the Data Owners. |
Ask User | The user handles these incidents in the Self Incident-Handling portal. Whether the Data Owner needs to be notified depends on the severity of the rule. |
Prevent | Any rule that is severe enough to justify the immediate block of a transmission is often severe enough to justify notifying the Data Owner. |