Policy settings – Actions

Block transfers of files to SharePoint if they contain data matching the category.

If this check box is selected, the application blocks transfers of files to SharePoint if they contain data matching the category. This restriction covers users and websites that are specified in the policy settings.

If this check box is cleared, the application does not block file transfers to SharePoint when the policy is violated.

Regardless of whether the check box is selected or cleared, when the policy is violated, the application logs the event as a possible data leakage and creates an incident.

The check box is cleared by default.

Assessment of the danger of a potential data leak.

In the Create incidents with priority drop-down list, you can specify the priority that the application should assign to an incident when the policy is violated:

• Low
• Medium
• High

Add the file to the incident details.

If this check box is selected, when creating an incident, the application updates the incident details, adding the file that caused the policy violation while being transferred to SharePoint. You can open the file on SharePoint when handling the incident.

If this check box is cleared, the incident details display only the web address of the file on SharePoint.

The check box is selected by default.

Adding of policy violation records to Windows Event Viewer.

If the check box is selected, the application records policy violation events in Windows Event Viewer.

If the check box is cleared, events are not recorded in Windows Event Viewer.

The check box is cleared by default.

Automatically send notifications of policy violations to the following email addresses:

• To security officer;

You can specify the email address of a security officer in the Data Leak Prevention node.

• To user (to the user associated with the incident);
• To user's manager;
• Additionally(you can specify additional email addresses in this entry field, separating them with semicolons).

If the check box next to a recipient's name is selected, the application automatically sends notifications of policy violation to this email. The application uses email addresses specified in Active Directory accounts when sending notifications to the user associated with the incident and to his or her manager. If no email addresses are specified in Active Directory accounts, no notifications will be sent.

If this check box is cleared, automatic sending of notifications is disabled.

By default, the Send notification by email check box is cleared.