Content Safeguards can protect data by restricting approved link types to files containing sensitive content. If Content Safeguards have been enabled for your source, link sharing to some of your files may be restricted to a minimum link security level based on policies created by your Administrator.
There are two types of Content Safeguard policies, Block and Warn. Under Warn policies, all link security levels for the file or folder will be available as options in the dropdown, but less secure links may have a warning message stating the link type is “Not Recommended”. Under Block policies, certain link types for files or folders may not be available since the links must meet minimum security requirements defined by your Administrator such as password-protected links.
Frequently Asked Questions:
How do Content Safeguard policies work?
- Folder/File links - Content Safeguard policies block file links only. Users still can create folder links, but recipients won't be able to download or preview files matching policy.
- Creating/Applying New Policy Changes - Creating or modifying Content Safeguards is not real-time process. After any policy creation or change, Secure & Govern needs to scan through and stamp all the files, that match the policy, Collaborate. This may take hours or even days. Currently, we can stamp up to 100K files per hour.
- Newly added files - This is not a real-time process. Secure & Govern must scan and stamp the new files that match any existing Content Safeguard policy. This may take up to 1 hour.
Why is sharing restricted for some of my files?
Share links for files can be restricted based on policies defined by your Administrator(s) in Secure & Govern. For more details about the restriction policies in place on your account, please contact your Administrator.
What do I need to do when creating a folder/file link?
When creating a link to a file, all link security levels for the file will be available as options in the dropdown. However, any link option that doesn’t meet the allowed link security levels for the file, will have a warning message stating the link type is “Not Recommended”. Users can still create a file link using the less secure method.
When creating a link to a folder, you will see a warning message stating the link type is “Not Recommended”. Users can still create a folder link using the less secure method. All files within the folder will be viewable by link recipients.
When creating a link to a file, only the allowed link security levels for the file will be available as options in the dropdown. Select your desired type of link, and you’re set. When creating a link to a folder, you will see a reminder that files with sensitive content in the folder won’t be viewable or downloadable by link recipients.
What happens to my existing links when Content Safeguards are set up?
Existing links will NOT be restricted under the Content Safeguard Warn policies, meaning that all links will still be accessible by your link recipients. However, recipients may receive a warning message indicating the link type is “Not Recommended”. Use the instructions below to check your link.
Existing links will also be restricted under the Content Safeguard Block policies, meaning that links which were previously accessible to your link recipients may no longer be accessible because they do not meet the minimum-security requirements set by the Content Safeguard policy. Use the instructions below to check your link.
Why can I still create an "Anyone Access" folder link when I have applied a Content Safeguard Blocking policy that only allows "Password only" links?
Folder links are managed differently than file links. This is because not every file, within a folder, may match the Content Safeguard policy. Content Safeguard policies are designed to restrict file sharing. A user can still share a folder with "Anyone Access". However, when a recipient opens the folder link, they will only be able to access files within a folder link when:
- Files are NOT restricted by a Content Safeguard policy
- When the folder link adheres to the Content Safeguard policy set against the files within the folder (see example below)
A blocking Content Safeguard policy is applied to the "HR" folder which only allows files to be shared via a link with a password. This policy applies to ALL the files in the "HR" folder. Two scenarios are explained below.
- Scenario 1: User creates a folder link with "Anyone Access"
- In this scenario, a recipient could open the folder link, but would NOT be able to open or download any of the files within the folder since the folder link doesn't meet the minimum requirements of the Content Safeguard policy.
- Scenario 2: User creates a folder link that requires "Password Access"
- In this scenario, a recipient could open the folder link and will be allowed to access or download any of the files within the folder since the folder link does meet the minimum requirements of the Content Safeguard policy.
If a new subfolder is added does it automatically apply the existing Content Safeguard policy?
Yes, Content Safeguard policy applies to all new files and subfolders under included folders. However, Egnyte must complete a source scan to know the files and folders exist before the policy can be applied.
What if my link recipients cannot access my link?
This likely means your link has been disabled because it does not meet the security requirements set by the Content Safeguard policy. If the link has been restricted under an access control policy, the following message will be displayed upon link access: “Access to the file has been restricted by the Administrator.” We recommend that you investigate inaccessible links via the Web UI.
How can I check if my link is working?
Use the web UI to access the link. If the link works, your link will also work for link recipients. If the link does not work and you instead see the following message: “Access to the file has been restricted by your Administrator,” your link has been disabled because it does not meet the security requirements.
What should I do if my link has been disabled by a Content Safeguard policy?
- If the link is a file link, try increasing the link’s security level.
- If the link is a file link and the link recipient is not a registered Connect user, the link recipient can be added as a Standard User to the Connect source to access links with a higher security level than "Public."
- Use the Web UI to create a new link. When creating a link, only the allowed link security levels will be available as options in the drop-down. Select your desired type of link, and you’re set.
- Contact your Administrator if you still need help or have additional questions.
Some of my files are marked as "Access restricted for link recipients", but I can still access them. Is this expected?
Yes, the “Access restricted for link recipients” message indicates that certain files may be restricted for recipients who have received links to the folder. You're still able to view these files if you already have permission to that file or folder.
If you have additional questions, reach out to your Administrator.