Configuring the delivery of policy violation notifications

You can configure delivery of application violation notifications for each policy. Such notifications enable you and other concerned persons (such as administrators, managers, and other security officers) to learn about data leak threats in real time.

Policy violation notifications contain the following information:

• Name of the violated policy.
• The name of the category based on which the incident has been generated.
• Message details: subject, sender's address, and list of addresses of recipients.
• Incident number, the date and time of incident generation.
• The context of violations, i.e. fragments of message text or attached document in which protected data was detected.
• Information about message removal, if the message has been removed by the policy.

Policy violation notifications are sent via email at the time when the policy is violated. Notification delivery is disabled in policy settings by default.

To configure delivery of policy violation notifications:

1. Select the Categories and policies node.

   The workspace displays a list of categories and policies.

2. Select a policy in the list of categories and policies and click the Settings button.

   The Policy settings dialog will appear.

3. Select the Actions tab.
4. Select the check boxes for recipients to whom notifications should be sent: To security officer, To sender, To sender's manager.

   When the To security officer check box is selected, notifications are sent according to the configured list of addresses of security officers. When the To sender's manager check box is selected, messages are sent to the sender's manager only if the manager's address can be retrieved from Active Directory.

5. To configure delivery of notifications to additional recipients of your choosing:
   1. Select the Additionally check box.

      The entry field under the check box becomes active.

   2. In the entry field, specify the email addresses of recipients, separating them with a semicolon.
6. Click OK to save the changes.

The changes are saved in the policy. When incidents arise involving violations of this policy, the application sends notifications with information about violations to the specified email addresses.

Notifications about policy violations can be sent successfully only if the notification delivery settings are configured correctly (web service address and account data). Contact the administrator for additional information.

Page top