10.6 Create a Workload Policy

Workload policies in File Dynamics provide the ability to handle work processes initiated from other applications. For example, reports generated in Micro Focus File Reporter that specify the location of sensitive files can be imported into the Data Owner Client where a designated Data Owner can remediate the location of these sensitive files. This approach empowers organizations to provide automated network file system security remediation approved by a gatekeeper familiar with the files.

Workload policies specify source paths, along with the Data Owners who can access these paths.

IMPORTANT:Before Data Owners can move file to a destination target path, you should verify that the Data Owners have permissions to the destination target path.

10.6.1 Example Scenario

A network administrator uses Micro Focus File Reporter 3.5 to generate a report of potentially sensitive files and their locations on the network. Through the report, it is discovered that there are a number of files with Social Security numbers buried deep in a subfolder accessible by a group of users who shouldn’t have access to that sensitive information.

The network administrator decides that these sensitive files need to be moved to the HR folder, where only members of the HR group have access. He creates a Workload policy and within the policy, specifies which users in the HR container are to be Data Owners for this policy as well as each of the file system paths where the sensitive files currently reside on the network.

With the Workload policy saved, a Data Owner designated in the policy can now launch the Data Owner Client, import the CSV file listing all of the sensitive files and their locations, and then specify where to move those files – in this example, to the network path of the HR folder.

Upon clicking OK, each file to be moved is consolidated into a single move job in the job queue. Once the files have been moved, the specific details are recorded, where they can be reviewed.

10.6.2 Creating a Workload Policy

  1. In the Admin Client, click the Target Driven tab.

  2. Click Policies.

  3. Select New > Workload Policy.

  4. In the Name field, give the Workload policy a descriptive name.

    For example, HR Data Owners.

  5. In the Workload Paths region, click Create Action Block.

  6. In the Name field, enter a descriptive name and click OK.

    For example HQ HR Storage.

  7. Click Add and from the File System Path Browser, select a path from which the Data Owners will be able to perform Workload policy management tasks.

    For example, moving sensitive files from the specified path to a new location.

    Add all applicable paths.

  8. Click Apply.

  9. Click OK.

  10. In the Identity List region, click Link Action Block.

  11. In the Name field, enter a descriptive name and click OK.

    For example HQ HR Data Owners.

  12. In the Action Block Editor, click Add and from the Directory Services Browser, select the users who you want to be Data Owners for this policy.

  13. Click Apply.

  14. Click OK to close the Action Block Editor.

  15. Click the Description tab and in the Description field, specify any information you want to include pertaining to this policy.

  16. Click Apply to save the Workload policy.

  17. Click OK to close the Workload policy editor.

10.6.3 Remediating Using the Data Owner Client

Once Workload policies have been established, the specified Data Owners have the ability through the Data Owner Client to perform remediation tasks. Procedures for doing so are detailed in the File Dynamics 6.5 Data Owner Client Guide.