A comprehensive risk management solution ensuring information is available and accessible to the people who should have it and protected from the people who should not. AvePoint Compliance Guardian
A comprehensive risk management solution ensuring information is available and accessible to the people who should have it and protected
from the people who should not.
AvePoint Compliance Guardian
Contents
Compliance Scanner ...................................................................................................................................... 3
Create a Compliance Scan Plan for SharePoint/SharePoint Online .......................................................... 3
Create a Compliance Scan Plan for File Systems ...................................................................................... 5
Create a Compliance Scan Plan for Web ................................................................................................... 6
View Compliance Reports ............................................................................................................................. 9
Classification Scanner ................................................................................................................................. 11
Create a Scheduled Classification Plan for SharePoint/SharePoint Online ............................................ 11
Create a Scheduled Classification Plan for File Systems ......................................................................... 13
Apply Real-Time Classification Rules for SharePoint .............................................................................. 15
Apply Real-Time Classification Rules for Yammer .................................................................................. 16
View Classification Reports ......................................................................................................................... 17
View Action Report ................................................................................................................................. 17
Manage Files in Incident Manager .......................................................................................................... 18
View Yammer Report .............................................................................................................................. 20
2 AvePoint Compliance Guardian Quick Start Guide for Business Users
AvePoint Compliance Guardian Quick Start Guide for Business Users 3
In this document, we will introduce how to configure scan plans with Compliance Guardian and how to
read the dashboard reports.
Compliance Scanner The Compliance Scanner is used to scan content using defined business rules in a policy, and generate a
compliance report of all of the scanned files.
Create a Compliance Scan Plan for SharePoint/SharePoint Online 1. In the Compliance Guardian Scanner Home interface, select Create on the ribbon. A drop-down
list appears. Select SharePoint from the drop-down list, and you will be brought to the
Compliance Guardian Scanner SharePoint/SharePoint Online Mode.
2. After selecting the SharePoint/SharePoint Online scope for the compliance scan, select Plan
Builder on the ribbon of Compliance Scanner page. From the drop-down menu, select Wizard
Mode for step-by-step guidance during configuration, or select Form Mode (recommended for
advanced users only) to set up a plan quickly. Take the wizard mode for example.
3. Enter a Plan Name and an optional Description if desired. Select Next. The Report Settings page
appears.
4. Select a database policy from the Database Policy drop-down list to store the result data of the
Compliance Scanner job.
5. Select Compliance Guardian groups from the Report Group drop-down list. All of the users in
the specified groups will be able to view and download the reports in the Compliance Report
module. Click Next. The Scan Settings page appears.
6. Select a scan policy from the Scan Policy drop-down list and it will be used to scan the contents
in the specified scope.
7. Select whether scan user or system content in the specified scope
8. Specify only scan the current version of the files/items, or all the versions.
9. Specify a filter policy to filter the contents that will be scanned.
10. Specify whether to send an e-mail alert when an unsupported type of embedded file is found.
An embedded file is one file that is inserted to another file.
11. Configure schedule settings to run the scan job once and immediately or based on a schedule. In
the Options section, select a scan type, Full Scan or Incremental Scan from the drop-down list.
12. In Advanced settings, select the Compliance Guardian agent group that will perform the
Compliance Scanner job.
13. Select an e-mail notification profile from the Select a profile with address only drop-down list to
notify stakeholders when the job finished.
14. Click Next and review your plan settings. Select Finish to save the configuration of the plan
without running it or Finish and Run Now to save the configuration and then run the saved plan
immediately.
4 AvePoint Compliance Guardian Quick Start Guide for Business Users
Create a Compliance Scan Plan for File Systems
AvePoint Compliance Guardian Quick Start Guide for Business Users 5
1. In the Compliance Guardian Scanner Home interface, select Create on the ribbon. A drop-dow n
list appears. Select File System from the drop-down list, and you will be brought to th e
Compliance Guardian Scanner File System Mode.
2. Select the file share connections for the compliance scan, select Plan Builder on the ribbon of
Compliance Scanner page. From the drop-down menu, select Wizard Mode for step-by-step
guidance during configuration, or select Form Mode (recommended for advanced users only) to
set up a plan quickly.
3. Enter a Plan Name and an optional Description if desired. Select Next. The Report Settings page
appears.
4. Select a database policy from the Database Policy drop-down list to store the result data of the
Compliance Scanner job.
5. Select Compliance Guardian groups from the Report Group drop-down list. All of the users in
the specified groups will be able to view and download the reports in the Compliance Report
module. Click Next. The Scan Settings page appears.
6. Select a scan policy from the Scan Policy drop-down list and it will be used to scan the contents
in the specified scope.
7. Select whether or not to scan the hidden files in the specified file system.
8. Specify a filter policy to filter the contents that will be scanned.
9. If you want Compliance Guardian to send an e-mail alert when an error occurs during the file
scan, then select an e-mail profile to specify the users who will receive the e-mail, and select an
e-mail template.
10. Configure schedule settings to run the scan job once and immediately or based on a schedule. In
the Options section, select a scan type, Full Scan or Incremental Scan from the drop-down list.
11. In Advanced settings, select an e-mail notification profile from the Select a profile with address
only drop-down list to notify stakeholders when the job finished.
12. Click Next and review your plan settings. Select Finish to save the configuration of the plan
without running it or Finish and Run Now to save the configuration and then run the saved plan
immediately.
6 AvePoint Compliance Guardian Quick Start Guide for Business Users
Create a Compliance Scan Plan for Web 1. In the Compliance Guardian Scanner Home interface, select Create on the ribbon, and a drop-
down list appears. Select Website from the drop-down list, and you will be brought to the
Compliance Guardian Scanner Website Create Plan interface.
2. Enter a URL in the Start From box, Compliance Guardian will scan the objects from this URL.
Optionally, you can select to use the Compliance Guardian Transaction Capture tool to save a
transaction file, and select the Use Compliance Guardian Transaction Capture. Export the
following transaction file for the scan radio button in this interface to import a transaction file,
then the recorded URLs in the transaction file will be the start URLs.
3. Specify the depth level needed to crawl in Maximum Depth.
4. Specify the maximum pages allowed to crawl in a single job in Maximum Page.
5. Specify a filter policy to limit the scope of the scan job.
6. Select whether or not to follow Robot Exclusion Protocol. By default, the checkbox is selected,
which means that Compliance Guardian will not crawl any link that is forbidden to access in
Robot.txt.
7. Specify a scan policy for scanning the defined site.
8. Select the saved user agent profile from User Agent dropdown list to specify the user agent for
the backend web server when scanning the website.
9. Select the Authentication Profile used to connect to the website from Authentication Method
dropdown list.
10. Specify the maximum concurrent threads that can be used during the crawling job for the scan
in Maximum Concurrent Threads.
11. Specify the maximum time of one entire scan job in Time Out of One Scan. The default value is
24 hours.
12. Specify the maximum time of waiting for a response from a link before skipping it during a crawl
in Time Out of Link. The default value is 100 seconds.
13. Select whether or not to crawl the data that are loaded dynamically using JavaScript in Enable
Headless Browser. If you select Yes, then specify the delayed time to wait for loading data in a
webpage.
14. Select a database policy from the Database Policy dropdown list to store the scan job data.
AvePoint Compliance Guardian Quick Start Guide for Business Users 7
8 AvePoint Compliance Guardian Quick Start Guide for Business Users
15. Select Compliance Guardian groups from the Report Group drop-down list. All of the users in
the specified groups will be able to view and download the reports in the Compliance Report
module.
16. Enter a Plan Name and an optional Description for this plan.
17. Choose whether or not to receive the job report after a scan job finishes. If you want to receive
the job report, select the checkbox before E-mail me the job report and scan results, and then
select a notification profile.
18. Click Save to save the configuration of the plan without running it or Save and Run Now to save
the configuration and then run the saved plan immediately.
View Compliance Reports 1. In the Compliance Reports interface, select Scan Policy Filter at the top-right corner of the page.
A drop-down list appears.
2. Choose a scan policy from the drop-down list, select the plans containing the scan results you
want to view, and then click OK under the drop-down list. The scan results of the latest job
cycles of those selected plans will be displayed in different kinds of compliance reports in the
Compliance Report module.
3. If you want to save your selection as default, after you select the desired plans, select Save As
Default before selecting OK under the drop-down list. The next time you login to Compliance
Report, the scan results of the desired plans will be displayed. You can change your selections,
but after you select Default View, the scan results of the desired plans will also be displayed.
4. On the Compliance Reports dashboard you can view different types of reports according to your
business needs. The reports include scan results, risk report, data table report, file errors report,
file type report, PDF exception report, link validation report, page title report, information
painter report, and violation report.
5. Click Trend Report to get historical compliance analysis of you IT environments.
AvePoint Compliance Guardian Quick Start Guide for Business Users 9
6. Navigate to Report > Human Auditor, after a human review, select the file that you want to
change scan result and click the icon in the Change Status column to change the check status
and recalculate the compliance report.
7. Select Ignore this file until the file or policies change to override the system.
10 AvePoint Compliance Guardian Quick Start Guide for Business Users
Classification Scanner The Classification Scanner is used to scan and classify content, and then perform appropriate actions to
change permissions, move, delete, block, quarantine, encrypt, or redact content based on the
classification results.
Create a Scheduled Classification Plan for SharePoint/SharePoint Online 1. In the Classification Scanner interface, select Scheduled Classification Scanner tab on the ribbon.
Click Create and select SharePoint from the drop-down list, then you will be brought to the
Scheduled Classification SharePoint/SharePoint Online Mode.
2. In the Plan Builder wizard, select the SharePoint/SharePoint Online nodes from the left panel to
define the content scope you want to scan.
3. Enter a Plan Name for the plan and an optional Description. Click Next, the Report Settings
screen appears.
4. Select a report database from the Report Database dropdown list for storing the job result.
5. Select Compliance Guardian groups from the Report Group drop-down list. All of the users in
the specified groups will be able to view and download the reports in the Classification Report
module. Click Next. The Scan Settings page appears.
6. Select an action policy from the Action Policy drop-down list to define the actions to the content
that will be scanned out.
7. Select a scan policy from the Scan Policy drop-down list to define the scan rules for scanning
content.
8. Specify to only scan the current versions of files/items or all the versions.
9. Specify to send an e-mail alert when an error occurs during the process of scanning a file or
when a tag fails to be added to a file.
10. Click Next, the Schedule screen appears. Configure schedule settings to run the scan job once
and immediately or based on a schedule. In the Options section, select a scan type, Full Scan or
Incremental Scan from the drop-down list.
11. Click Next, the Advanced screen appears. Select a Compliance Guardian agent group to run the
Scheduled Classification Scan Plan.
AvePoint Compliance Guardian Quick Start Guide for Business Users 11
12. Select a Notification Profile from the Notification drop-down list to send emails to stakeholders
when the scan job finished.
13. Click Next and review your plan settings. Select Finish to save the configuration of the plan
without running it or Finish and Run Now to save the configuration and then run the saved plan
immediately.
12 AvePoint Compliance Guardian Quick Start Guide for Business Users
Create a Scheduled Classification Plan for File Systems 1. In the Classification Scanner interface, select Scheduled Classification Scanner tab on the ribbon.
Click Create and select File System from the drop-down list, then you will be brought to the
Scheduled Classification File System Mode.
2. Select the file share connections for the compliance scan, select Plan Builder on the ribbon of
Compliance Scanner page. From the drop-down menu, select Wizard Mode for step-by-step
guidance during configuration, or select Form Mode (recommended for advanced users only) to
set up a plan quickly.
3. Enter a Plan Name and an optional Description if desired. Select Next. The Report Settings page
appears.
4. Select a report database from the Report Database drop-down list for storing the job result
5. Select Compliance Guardian groups from the Report Group drop-down list. All of the users in
the specified groups will be able to view and download the reports in the Classification Report
module. Click Next. The Scan Settings page appears.
6. Specify a filter policy from the File Policy dropdown list to filter the contents that will be
scanned and limit the scope of the job.
7. Select a scan policy from the Scan Policy drop-down list and it will be used to scan the contents
in the specified scope.
8. Select whether or not to scan the hidden files in the specified file system.
9. If you want Compliance Guardian to send an e-mail alert when an error occurs during the file
scan, then select an e-mail profile to specify the users who will receive the e-mail, and select an
e-mail template.
10. Select an action policy from the Action Policy drop-down list to define the actions to the content
that will be scanned out.
11. Click Next, the Schedule screen appears. Configure schedule settings to run the scan job once
and immediately or based on a schedule. In the Options section, select a scan type, Full Scan or
Incremental Scan from the drop-down list.
12. Click Next, the Advanced screen appears. Select a Notification Profile from the Notification
drop-down list to send emails to stakeholders when the scan job finished.
AvePoint Compliance Guardian Quick Start Guide for Business Users 13
13. Click Next and review your plan settings. Select Finish to save the configuration of the plan
without running it or Finish and Run Now to save the configuration and then run the saved plan
immediately.
14 AvePoint Compliance Guardian Quick Start Guide for Business Users
Apply Real-Time Classification Rules for SharePoint 1. On the Real-Time Classification Scanner Home interface, select Create on the ribbon. A drop-
down list appears. Select SharePoint from the drop-down list to enter the Real-Time
Classification SharePoint Mode.
2. Select the SharePoint nodes from the left panel to define the content scope you want to scan.
3. Select Create Rule from the Rule Management group on the ribbon.
• Select a report database from the Report Database dropdown list for storing the Real-
Time Classification Scanner result.
• Select the report groups. Users in the specified groups have permission to the
corresponding reports.
• Select a scan policy from the Scan Policy drop-down list to define the scan rules for
scanning content.
• Select an action policy from the Action Policy drop-down list to define the actions to the
content that will be scanned out.
• If you want Compliance Guardian to send an e-mail alert when an error occurs during
the scan, then select an e-mail profile to specify the users who will receive the e-mail,
and select an e-mail template.
• Select a filter policy from the Filter Policy drop-down list to limit the scope of the job.
4. Click Apply to apply the rule and job configurations.
AvePoint Compliance Guardian Quick Start Guide for Business Users 15
Apply Real-Time Classification Rules for Yammer 1. On the Real-Time Classification Scanner Home interface, select Create on the ribbon, a drop-
down list appears. Select Yammer from the drop-down list to enter the Real-Time Classification
Yammer Mode.
2. Select the SharePoint node where the AvePoint Yammer Connector web part has added from
the Scope panel on the left.
3. Select Create Rule from the Rule Management group on the ribbon and configure the following
rule settings:
• Select a report database from the Report Database drop-down list for storing the Real-
Time Classification Scanner result.
• Specify an Export Location for the blocked attachments.
• Select Compliance Guardian groups from the Report Group drop-down list. All of the
users in the specified groups will be able to view and download the reports in Yammer
Report.
• Select a scan policy from the Scan Policy drop-down list to define the scan rules for
scanning Yammer content.
• Specify whether to send an e-mail alert when an error occurs during the process of
scanning the Yammer content. If you choose to send out alert e-mails when an error
occurs, select an e-mail profile, and an e-mail template. The alert e-mail will be sent to
the recipients configured in the selected alert notification profile.
4. Click Apply to apply the scan rules and plan configurations to your Yammer environment.
16 AvePoint Compliance Guardian Quick Start Guide for Business Users
View Classification Reports The Classification Report area includes Action Report, Incident Report, and Yammer Report. It is used to
view the report results of the files affected by Classification Scanner actions, as well as provide
operations to the quarantined files, redacted files and encrypted files.
View Action Report 1. Select Action Report in Classification Report to access the Action Report interface.
2. Select a risk formula that will be used to calculate the risk scores of a file from the Specify a risk
formula to calculate the risk scores drop-down list.
3. In the Specify the range of risk levels area, specify the risk level range by specify two values. The
files whose risk scores are lower than the value you specified to the left of Medium Priority are
considered with the low risk priority. The files whose risk scores are greater than the value you
specified to the right of Medium Priority are considered with the high priority. The files whose
risk scores are between the two specified values are considered with the medium priority.
4. Select Start Action Report to start the Action Report. The SharePoint farm and File Systems that
have been scanned will be loaded on the left pane of the Action Report interface.
5. Select the desired nodes under SharePoint and File System, the corresponding action report of
the files related to the selected nodes will be generated.
6. Select a time range in the Time Range field, the file in the specified time range will be displayed
in the action report.
7. Select Show Report. The action report will be displayed on the right pane of the interface.
8. The Action Report contains three sections, Action Overview, Classification File Risk Statistics,
and Reports.
9. Click Trend Report to view historical analysis of your Yammer environment.
10. Select Export to Screenshot at the top-right corner to export the report to a picture.
AvePoint Compliance Guardian Quick Start Guide for Business Users 17
18 AvePoint Compliance Guardian Quick Start Guide for Business Users
Manage Files in Incident Manager Incident Manager allows you to manage and performed some specified actions to the quarantined files,
encrypted files, and redacted files.
1. Select Incident Manager in Classification Report to access the Incident Manager interface.
2. In Quarantine Manger,
• Select the file, and then select Manage Content above the table.
• Select Download to download the file and make edits.
• Select Upload to upload a file.
• Select Restore to restore the quarantined files.
• Select Delete to delete the quarantined files.
• Select Export to Datasheet to export the general information of all of the quarantined
files to CSV files.
3. In Encryption Manager,
• Select the file, and then select Manage Content above the table.
• Select Download to download the file and make edits.
• Select Upload to upload a file.
• Select Decrypt to decrypt the encrypted files.
• Select Delete to delete the encrypted files.
• Select Export to Datasheet to export the general information of all of the encrypted files
to CSV files.
4. In Redaction Manager,
• Select the file, and then select Manage Content above the table.
• Select Download to download the original file before redact and make edits.
• Select Upload to upload a file.
• Select restore to restore the original file and replace the reacted file.
• Select Delete to delete the original file.
• Select Export to Datasheet to export the general information of all of the original files to
CSV files.
AvePoint Compliance Guardian Quick Start Guide for Business Users 19
20 AvePoint Compliance Guardian Quick Start Guide for Business Users
View Yammer Report 1. Select Yammer Report in Classification Report to access the Yammer Report interface.2. Select a scan policy, and then select Show Report in the left pane. The scanned results based on
the selected scan policy will be displayed on the right Dashboard pane of the Yammer Reportinterface.
3. The Dashboard includes three parts, Blocked Post Report, Folksonomy Report, and Tagged FilesReport.
4. Select Export to Screenshot at the top-right corner to export the report to a picture.
AvePoint Compliance Guardian Quick Start Guide for Business Users 21
Accessible content available upon request.