Installer Guides

Folders

Overview

The Access Governance Folders module enables organisations to onboard data sources, monitor folder and file access, and maintain governance over sensitive information. It ensures that files and folders are correctly classified as Open Access or Restricted Access, flags items requiring review, and simplifies management of access inheritance across folder hierarchies.

This section explains access types, review workflows, dashboard usage, and practical steps for managing folders and files.

Understanding Access Types

Open Access Folders or files that are publicly shared or widely accessible to organisational groups.

  • Importance: Acceptable in general, but automatically flagged if containing sensitive data or if inheritance is broken.

  • Action: Requires manual review to ensure sensitive data is not exposed.

Restricted Access Folders or files limited to specific users or groups.

  • Importance: Generally safe, but may need attention if inheritance is broken or sensitive data exists.

  • Action: Reviewing the parent folder can automatically update child folders.

Needs Review and Auto-Reviewed

  • Needs Review: Items are flagged if they have open access with sensitive data, or if inheritance is broken and the item is open.

  • Auto-Reviewed: Items inheriting correctly from a parent folder are automatically marked as reviewed, reducing manual work.

These mechanisms allow users to focus on areas requiring governance action, ensuring compliance and prioritising sensitive folders and files.

Navigating to the Folders section

To access the Folders section within the Access Governance module:

  • Use the top navigation bar on the home screen.

  • Click on the Datasources tab.

  • From the list of available data sources, select SMB server.

  • When the SMB server dashboard opens, choose the Folders tab within the Governance section in the left panel.

The Folders section provides an overview of all onboarded folders and files, showing how access is structured and highlighting which items are open or restricted. This allows users to quickly identify widely accessible items, detect potential exposure of sensitive data, and pinpoint folders where governance policies need to be enforced.

Dashboard Widget

The Dashboard Widget provides users with a high-level summary before selecting View All to access the more detailed Folders Dashboard.

The Open Access Summary Widget appears on the Governance Dashboard and provides:

  • A pie chart showing how many files exist, how many need review, and how many have been auto-reviewed.

  • A review status option on the right side to change the status of a parent folder (for example, Departments) from Needs Review to In Progress to Reviewed.

Main Dashboard

The Folders Dashboard is structured into three sections:

Top Section

  • Search Bar: Enables the user to quickly locate specific folders or files.

  • Parent and Child Folder Navigation: Provides a breadcrumb path to move between the parent folder and child folders.

  • Accessible By Details: Shows which groups or users have access, with open or restricted status.

Metadata

  • An icon next to a folder name indicates whether it is inheriting from the parent.

  • User and Group Access Levels: Can be viewed for each folder.

  • Last Modified Date: Displayed per folder.

  • Folder Link in SMB: Provides a direct link for quick navigation.

Middle Section

  • Needs Review: Shows items flagged because they are open with sensitive data or have broken inheritance.

  • Open Access (Sensitive): Shows a count of open items containing sensitive data (high-risk).

  • Open Access (Total): Shows the overall count of open items, sensitive or not.

Bottom Section

  • Folders: Displays a list of folders with access type, review status, and inheritance details.

  • Files: Displays a list of files with sensitivity, open access, and review status indicators.

  • Filters: Enables narrowing of results by access type, open objects, sensitivity, or review status.

  • All Filters: Enables advanced filtering by combining multiple criteria.

Personalised View

Once you have reviewed the main dashboard and its navigation elements, select an existing folder to modify (for example, Departments). This will open the personalised dashboard for the selected folder, where you can review the number of sensitive files and adjust permission levels as required.

Customising Filters

To customise filter settings:

  • Select each drop-down individually in the bottom left; or

  • Select All Filters, which opens a window displaying the full range of options.

Filter options include:

  • Access Type Filter: Enables users to filter items visible on the current page.

  • Open Objects Filter: Enables users to view folders containing open access items, even if the parent folder is restricted.

  • Other Filters: Enables filtering by sensitivity, review status, or inheritance status.

Review Workflow

Example Folder Structure

  • Parent Folder: Departments

  • Child Folders: Marketing, IT, HR, Sales

Steps

  1. Access the Folders Page.

  2. Open the Departments folder to view child folders.

  3. Review the access type for each child folder (Open or Restricted) and check the inheritance status.

  4. Determine review needs based on the following scenarios below.

Note that in the following example, the oob folder displays an inherits from parent icon, whereas the Marketing folder shows a broken inheritance icon, indicating that the child folder differs from its parent. Once the folder type has been confirmed, the number of sensitive files can then be reviewed to help determine the order in which the sub-folders should be examined.

Scenario 1: Parent Restricted, Child Folder Open

  • Review the child folder individually if it contains sensitive data.

  • Mark as Reviewed once verified.

Scenario 2: Parent Restricted, Child Folder Restricted

  • If no sensitive data exists, mark the parent folder as Reviewed.

  • Child folders automatically inherit the reviewed status.

Scenario 3: Parent Open, Child Folder Open

  • Each folder flagged as Needs Review must be reviewed individually.

  • Mark each folder as Reviewed after validation.

Scenario 4: Parent Open, Child Folder Restricted

  • Restricted child folders generally do not require separate review unless flagged for sensitive data.

  • Verify child folder status before marking the parent as Reviewed.

Inheritance and Review Logic

  • If inheritance is broken and a folder is open, it is automatically flagged for Needs Review.

  • If inheritance is intact and the folder is open, child folders can be auto-reviewed and marked accordingly.

  • Reviewing inheritance at the parent folder level ensures efficiency: fixing one folder (for example, Marketing) can automatically restrict access for all child folders.

Reviewing Files

  • Files follow the same concept as folders, with filters to show inheritance from the parent.

  • Revoke Access Option: Available under Actions in the far right; automatically marks the file as reviewed once applied.

  • Files without sensitive data can be quickly reviewed and marked as acceptable, even if open access remains.

  • Bulk Review: Multiple files or folders can be selected and reviewed simultaneously.

Purpose and Utility

  • Provides a centralised overview of folder and file access across the organisation.

  • Prioritises items for review based on sensitivity and inheritance status.

  • Streamlines governance through automated and manual review workflows.

  • Improves efficiency and compliance, reducing the risk of sensitive data exposure.

PreviousDashboardNextUsers

Last updated