Content Safeguards protect your repository from data leaks by restricting public links to sensitive files. Administrators can create Content Safeguards policies in Secure & Govern that restrict links to a minimum security level, based on sensitive content matching, risk score, and location. These policies are then enforced in the Egnyte Collaborate source.
Enabling this feature will impact link creation for Collaborate users. Users will be required to use the mandated minimum security level when creating new links. Access to existing links will also be restricted according to the policy. If you enable this feature, we recommend notifying users in advance with an email. You can find a link to the email template and additional information about helping Collaborate users and answers to frequently asked questions in the Additional Resources section.
This feature is currently in Beta. Link creators are encouraged to use the Web UI, as the Mobile and Desktop App experiences are still in development. For details about what is included in the Beta and what work is still in development, check out the Beta Considerations section.
Skip Ahead to...
This feature works for Egnyte Collaborate sources only. Creating link restriction policies will not impact sharing for non-Collaborate sources.
Manage Content Safeguards
Create an Access Control Policy
- Go to the Settings page, open the Content Safeguards tab, and click Add Policy.
- Specify the policy name and description.
- Specify whether to apply based on "ALL of the following criteria" or "ANY of the following criteria".
- Restrict files based on Content Classification policy match, risk score, or location.
Content Classification: Files matching the selected policies will be restricted.
Risk Score: Files that fall within the selected Risk Score range will be restricted.
Location: Files within the specified folders will be restricted. When a top-level folder is selected, all of the sub-folders are automatically selected. The sub-folders included can be adjusted.
- Choose the baseline restriction that will be applied to the included files.
- Click Create Policy.
Do not use this feature to set default link security standards across the entire Egnyte Collaborate source. Instead, customize the share settings in Collaborate.
View, Edit, and Delete Active Access Control Policies
- Go to the Settings page and open the Content Safeguards tab. All active policies will appear in this list along with the number of files restricted under the policy.
- To edit or delete a policy, click the three dots on the right-hand side of the policy.
Unless you delete a Content Safeguard policy, files that receive link security level restrictions will retain them even if the file is moved or copied.
When creating a link to a file, only the allowed link security levels for the file will be available as options in the drop-down. Link creators can select their desired security level and create the link. Recipients must meet the security requirements to access the file with the link.
Links to folders are not restricted. Instead, link recipients can access the folder but cannot access any files in the folder that are restricted under a Content Safeguard policy with security requirements higher than the folder links. Link creators will see a warning when they create folder links that files within their folder matching Content Safeguard policies will not be viewable or downloadable by link recipients.
We recommend using the Web UI to investigate links because the mobile and Desktop App experiences are still in development. On mobile, link recipients will be prevented from accessing links that have been restricted by access control policies, but link creators will not see the access control message upon accessing their own link. Instead, the link will lead directly to the file. When creating a link from a mobile app, if certain levels are restricted, the link creator might see the generic message: “Access forbidden. You do not have permission to perform this action.”
On the Desktop App, the built-in Share option may not work for files that have been restricted under an access control policy.
Want to learn more? Need guidance communicating these changes to users? These resources can help.