Assign policies to your data

05/23/2024 Contributors

Policies are like a favorites list of custom filters that provide search results in the Investigation page for commonly requested compliance queries. BlueXP classification provides a set of predefined policies based on common customer requests. You can create custom policies that provide results for searches specific to your organization.

Policies provide the following functionality:

Predefined policies from NetApp based on user requests
Ability to create your own custom policies
Launch the Investigation page with the results from your Policies in one click

The Policies tab in the Compliance Dashboard lists all the predefined and custom policies available on this instance of BlueXP classification.

A screenshot of the Policies tab in the BlueXP classification dashboard.

In addition, policies appear in the list of filters in the Investigation page.

View Policy results in the Investigation page

To display the results for a policy in the Investigation page, click the More button button for a specific policy, and then select Investigate Results.

A screenshot of selecting Investigate Results for a specific policy from the Policies tab.

Create custom policies

You can create your own custom Policies that provide results for searches specific to your organization. Results are returned for all files and directories (shares and folders) that match the search criteria.

Steps

From the Data Investigation page, define your search by selecting all the filters you want to use. See Filtering data in the Data Investigation page for details.
Once you have all the filter characteristics just the way you want them, click Create Policy from this search.
Name the policy and select other actions that can be performed by the policy:
1. Enter a unique name and description.
2. Optionally, check the box to automatically delete files that match the policy parameters.
3. Click Create Policy.

Result

The new Policy appears in the Policies tab.

Edit Policies

You can modify any criteria for an existing policy that you previously created. This can be especially useful if you want to change the query (the items you defined using Filters) to add or remove certain parameters.

For Predefined Policies, you can only modify whether email notifications are sent and whether AIP labels are added. No other values can be changed.

Steps

From the Policies List page, click Edit for the Policy that you want to change.
If you just want to change the items on this page (the Name, Description, whether email notifications are sent, and whether AIP labels are added), make the change and click Save Policy.

If you want to change the filters for the saved query, click Edit Query.
In the Investigation page that defines that query, edit the query by adding, removing, or customizing the filters, and click Save Changes .

Result

The policy is changed immediately. Any actions defined for that policy to send an email, add AIP labels, or delete files will occur at the next internal.

Delete Policies

You can delete any custom policy that you created if you no longer need it. You can't delete any of the predefined policies.

To delete a policy, click the More button button for a specific Policy, click Delete Policy, and then click Delete Policy again in the confirmation dialog.

List of predefined policies

BlueXP classification provides the following system-defined policies:

Name	Description	Logic
Private data - Stale over 7 years	Files containing personal or sensitive personal information, last modified over 7 years ago.	Files containing personal or sensitive personal information, last modified over 7 years ago
Data Subject names - High risk	Files with over 50 Data Subject names.	Files with over 50 Data Subject names
Email Addresses - High risk	Files with over 50 Email Addresses, or DB Columns with over 50% of their rows containing Email Addresses	Files with over 50 Email Addresses, or DB Columns with over 50% of their rows containing Email Addresses
Personal data - High risk	Files with over 20 Personal data identifiers, or DB Columns with over 50% of their rows containing Personal data identifiers.	Files with over 20 personal, or DB Columns with over 50% of their rows containing personal
Sensitive Personal data - High risk	Files with over 20 Sensitive Personal data identifiers, or DB Columns with over 50% of their rows containing Sensitive Personal data.	Files with over 20 sensitive personal, or DB Columns with over 50% of their rows containing sensitive personal

Name

Description

Logic

Private data - Stale over 7 years

Files containing personal or sensitive personal information, last modified over 7 years ago.

Files containing personal or sensitive personal information, last modified over 7 years ago

Data Subject names - High risk

Files with over 50 Data Subject names.

Files with over 50 Data Subject names

Email Addresses - High risk

Files with over 50 Email Addresses, or DB Columns with over 50% of their rows containing Email Addresses

Personal data - High risk

Files with over 20 Personal data identifiers, or DB Columns with over 50% of their rows containing Personal data identifiers.

Files with over 20 personal, or DB Columns with over 50% of their rows containing personal

Sensitive Personal data - High risk

Files with over 20 Sensitive Personal data identifiers, or DB Columns with over 50% of their rows containing Sensitive Personal data.

Files with over 20 sensitive personal, or DB Columns with over 50% of their rows containing sensitive personal