Manual file classification in Safetica

Safetica ONE helps you discover and classify valuable business data based on content inspection, context, and file properties. It controls all sensitive data activities, no matter where the data is stored or transferred, so you can detect and investigate where there is a risk of leakage or theft. See how to implement the manual file classification process.

Table of Contents

1. Introduction
2. How do I classify files as a user?
3. How do I configure the data categories I want users to see?
4. How do I remove a data classification from a file?
5. How do I view user classification logs?

 

Introduction

Please note that manual classification is only available in Safetica Enterprise. Supported file formats for user-based classification are .docx, .xlsx, .pptx, .pdf, and .xlsm.

You can enable classification based on manual file tagging for selected users and endpoints. You can also control whether users can freely change the classification of files or only upgrade to more stringent classification levels.

1. Open the Safetica Management Console and go to Settings > Customer Settings > User Rule Based Classification.
2. In the users tree, select the users or stations you want to enable manual classification.
3. Set User Rule Based Classification to Enabled. This allows specific users to see the Classify File option in the context menu when right-clicking. If you choose Disable, Classify File will be hidden.
4. If you want to allow users to change the classification of documents to less stringent, set Permission to downgrade to Enabled. If Disable is selected, users will only be able to increase the classification level of documents.
5. Save the settings by clicking [ ✔ ].

 

 

Important:
The permission to downgrade can be set independently of the User Rule Based Classification option. You can enable manual classification for a user group while enabling Permission to downgrade only for a subset of that group.

 

 

How do I classify files as a user?

To classify a file, the user selects it and right-clicks it. After opening the context menu, the user will see the Classify File option. Mouse rollover enables one to see the available data categories to choose from.

 

 

In the context menu of Windows 11, the file Classify can be found in the field Show more options:

 

 

If the file does not have an assigned data category, option (none) is checked. This option disappears when a classification is given. Policies associated with the selected data category will also be applied to the file.

Categories in the context menu are displayed in the same order as in the Safetica management console. This can be changed in table Protection > Data Categories. The order should reflect the degree of availability of the different classification levels.

It is possible to select and classify several files at the same time. Classify File will not appear in the context menu if you select an unsupported file format.

 

How do I configure the data categories I want users to see?

Manual data classification requires a category based on metadata. To display a category in the context menu to users, under the right mouse button:

1. Open the Safetica Management Console and go to Protection > Data Categories.
2. Click Edit next to the data category you want users to see. The category must be context-based and use metadata.
3. Enable the User Rule Based Classification option in the advanced options.
4. Click [OK].
5. Save the settings by clicking [ ✔ ].

 

 

 

How do I remove a data classification from a file?

Users are not allowed to remove classifications from files. To circumvent this problem, the recommended solution is:

1. Create a new data category (called, for example, Public) and do not assign it to any DLP.
2. Place this category at the bottom of the category list in the table Protection > Data Categories.

Users can select an ‘empty’ category when removing a classification from a file. The file will not be covered by any DLP policy, but can be tracked in the DLP logs.

 

How do I view user classification logs?

Switch to visualisation mode in Protection > Data Categories to view logs related to user-based classification. Safetica records each classification and its downgrading by users. In table Records, in column Operation, you can use the filtering options after User Classifications and Lowering User Classifications to display the corresponding logs.