Understanding DLP User Roles

The DLP Compliance Officer and DLP Incident Reviewer are the only two roles with the permission to review DLP incidents.

Note:

The DLP Compliance Officer and DLP Incident Reviewer roles are available to Active Directory users only.

The following table describes the features and characteristics related to these user roles:

Table 1. DLP Compliance Officer and DLP Incident Reviewer Features

Item

Description

DLP logs

Access to DLP logs is strictly limited to the following user roles:

  • DLP Compliance Officer:

    • Complete access

    • Specific widgets display DLP incident information

  • DLP Incident Reviewer:

    • Access limited to DLP logs related to directly managed users

    • Specific widgets display DLP incident information

Incident scope

  • DLP Compliance Officer: Views incident data of the entire Active Directory users

  • DLP Incident Reviewer: Views incident data of directly managed users

Menu access

Dashboard and the widgets listed in the DLP Incident Investigation tab:

  • DLP Incidents by Severity and Status

  • DLP Incident Trends by User

  • DLP Incidents by User

See DLP Incident Investigation Tab for more information.

Scheduled incident summary notification

  • Daily or weekly email notification

  • Summary list of incident count by severity level

  • Link to the Control Manager web console

  • Both the DLP Compliance Officer and DLP Incident Reviewer receive this notification

Incident details updated notification

  • Notification of modification to incident status or comments

  • Only the DLP Compliance Officer receives this notification