Home
/
Product documentation
/
User Data Governance
/
Data management
/
Configuring monitoring settings

Configuring data governance settings

Effective Data Loss Prevention (DLP) policies help prevent unauthorized access to sensitive information and prevent accidental exposure to unauthorized third parties.

Coro's User Data Governance module enables admin users to configure DLP to scan outgoing email communications in real-time. If Coro detects sensitive information exposure that violates your DLP settings, Coro can respond in one of the following ways:

  • Coro monitors breaches of configured data policy, but does not prevent the action taking place.
  • Coro blocks all attempts to expose or share identified sensitive data items.

In both modes, Coro alerts admin users to policy breaches through User Data Governance tickets.

When a new workspace is created, all User Data Governance options are disabled by default. Permissions settings take effect after monitoring is enabled for one or more User Data Governance options.

To configure Coro's DLP settings:

  1. Sign in to the Coro console.

  2. From the sidebar, select Control Panel:

    Control panel sidebar

  3. Select User Data Governance:

    User Data Governance

  4. Select Monitoring.

    In an unconfigured state, Coro provides banners to get started:

    Monitoring Tab

    In a configured state, Coro shows your currently selected DLP settings:

    Monitoring Tab - configured

The Monitoring tab consists of the following sections:

User Data Governance mode

Important

This is a beta feature and available only on request. Coro operates in Monitor only mode by default. Contact Coro Support to enable Block mode.

Coro enacts DLP decisions for selected privacy sensitive data items and security and business sensitive data items based on the selected mode:

User Data Governance mode

  • Monitor only: Tracks sensitive data exposure inside emails sent to external unauthorized recipients, but does not prevent the action. The email is not blocked inside your organization and continues on to the named recipients.

  • Block: Detects sensitive data exposure inside emails, preventing them from being sent. An admin user can review the breach and choose to permanently delete the email, or release it if the event is determined to be safe.

    To use block mode, admin users must configure an Outbound Gateway proxy to handle email processing.

    Select either of the highlighted links at the top of the page to start the process:

    Monitoring Tab with unconfigured outbound gateway banner

If emails are blocked, the admin user can review breaches through raised User Data Governance tickets. Tickets for blocked emails contain actions to either permanently delete the email message or to approve and release the email to recipients.

Where block mode is activated, select the Sensitivity level you want Coro to apply to decisions. Choose from:

  • Low sensitivity: Coro blocks only those emails that contain sensitive data items that would result in an open ticket. This is the default setting.

  • High sensitivity: Coro blocks emails that contain sensitive data items that would result in both open and automatically closed tickets.

Privacy sensitive data

The Privacy sensitive data section lets you create a data privacy configuration tailored to your organization’s needs. Based on your selected industry, Coro automatically selects the sensitive data types to monitor for access and exposure within email and shared cloud drive data. This streamlines data privacy setup and enables:

  • Industry-based configuration: Select your industry to tailor data privacy settings to your organization.

  • Automated sensitive data type recommendations: Coro automatically selects sensitive data types based on your industry to help reduce ticket fatigue by minimizing unnecessary ticket generation. For more information, see Sensitive data types assigned per industry.

  • Configuration customization: Modify industry selections and data types to fit your organization’s needs.

For information on the sensitive data that Coro recognizes, see Sensitive data recognized by Coro.

For information on sensitive data type tickets, see Ticket types for User Data Governance.

Creating a data privacy configuration

Use the Privacy sensitive data section on the Monitoring tab to create a data privacy configuration tailored to your organizational requirements.

Coro automatically assigns sensitive data types based on your selected industry.

To create a configuration:

  1. From the Monitoring tab, select SET UP PARAMETERS:

    Setup parameters

    Coro opens the Select industry dialog:

    Setup parameters

Editing a data privacy configuration

Security and business sensitive data

The Security and business sensitive data section allows you to enable monitoring of additional sensitive data types that are important to your individual organization.

Data Panel

Coro monitors the following Security and business sensitive data:

  • Passwords: Monitors for potential password exposure.

  • Certificates: Monitors security certificate files, such as SSL certificates, which are used to establish secure connections between web servers and browsers.

  • Source code: Monitors source code files (such as *.md, *.yaml, *.sh, *.slx, *.mdl, *.m, and *.json).

  • Data objects with specific keywords: Identifies and matches defined keywords in email and shared file content, including subject, body, and attachment filenames. Keyword matching is case validated, and Coro removes duplicate keywords, keeping only the lowercase version. Email domains and sender/recipient names are not used for keyword matching.

  • Specific file types: Monitors files added as email attachments and in shared drive content that match one of the defined file extentions.

Sensitive data types assigned per industry

Previous page
Next page