Lets Look at Policy Violation Emails
This guide will walk you through what you will find in a policy violation email.
What Is a Policy Violation Email?: Every time a Policy is violated, a message will be generated, every 4 hours messages are batched into an email, and sent to the administrator email of your instance. These violation emails will contain information on notable events that you have configured within your ManagedMethods platform.
How to Utilize the Emails: In these emails you will find useful information about violated policies. Policy emails can contain a single violation, or many depending on how many were violated in the 4 hour time frame.
Which Environment Violated the Policy?
At the top of each violation, the tile associated with the violation will be noted. For most instances there will only be one environment, however in some cases there may be more than one. Ex: An O-365 Domain, and a Google Domain. Selecting the Blue Text will take you to the appropriate tile.
When was this Policy Violated?
In the top of the page you will find the policy violation period. This will show you the time frame in which the policies were violated, and how many Policies were violated in that period.
What Violated the Policies?
Below the time period you will find the types of entities that violated policies (Emails, Files, etc).
What Will the Email Show Me About the Violation?
In the body of the email you will find information about each policy that has been violated. Details will be given about the file / email / app that caused the violation, as well as context into the violation.
Which Policy Was Violated, and How Many Times?
Here we can see the Student Sharing policy was violated two times. You will also notice which Policy Conditions are defined. In this instance a file was shared to the /students OU, coming from the /students OU, and automatic remediation was set to Revoke Share On Drive File.
What Entities Violated The Policy?
Below policy information you will find details on which entities (files/emails/users/apps) violated the policy mentioned above
Clicking any Blue text will take you to the ManagedMethods dashboard and display information on the entity clicked.
Note: You must be logged into your console for the links to work correctly.
You are also provided details on who the file owner was, what the source of the violation was, and if Automatic Remediation was configured, if the Execution State was executed. For instance if you wanted to revoke shares between students as configured above, you are able to see the automatic remediation was successful.
Comments
0 comments
Article is closed for comments.