Ticket types for data¶
Coro generates tickets relating to data governance when it identifies security incidents involving the following sensitive data types:
- Non-public information (NPI)
- Personally identifiable information (PII)
- Protected health information (PHI)
- Payment card information (PCI)
To learn more about how Coro protects an organization's data, see Introducing data governance. To learn more about what information constitutes these sensitive data types, see Regulatory sensitive information types.
Security incidents occur when a user emails or shares data identified as belonging to one of these sensitive data types, and the Admin user has enabled monitoring for that category. The Admin user may also have configured permissions policies governing user rights to access, or access and expose, these data types.
All data governance tickets of these types include the following available actions:
Action | Outcomes |
---|---|
Close ticket | Close all tickets related to the selected protection component. Does not take any remediation actions. Note: When a device is removed from protection, all open tickets associated with the device are automatically closed. |
Suspend user from all cloud apps | The user's access to their accounts on all protected cloud applications is temporarily suspended. Notifications "User's access to cloud app has been suspended" and "Users updated" are displayed. |
Suspend user from <cloud service> | The user's access to their account on the designated cloud application is temporarily suspended. Notifications "User's access to cloud app has been suspended" and "Users updated" are displayed. |
Remove exposed sharing | For tickets involving data shared on cloud drives, remove the exposed data share and render any link to it as inactive. |
Contact user | Coro sends an email to the recipient containing a message and the ticket info. An action: "Contact User" is recorded in the Ticket Log and Activity log. |
Add to data governance permissions | Extend the identified user's data governance permissions to allow access and exposure for this sensitive data type. To learn more, see data permissions. |
Data governance tickets are categorized as either:
- Tickets that require the attention of data compliance officers, in line with regulations such as GDPR, HIPAA, SOC2, and others, are marked as suggested for review and have a two-week review period.
- All other tickets are automatically closed.