Data Classification Suite

for Windows (On-premises)

5.1
Use Case Guide
Copyright Terms and Conditions

Copyright © Fortra, LLC and its group of companies. All trademarks and registered trademarks are the property of their respective
owners.
The content in this document is protected by the Copyright Laws of the United States of America and other countries worldwide.
The unauthorized use and/or duplication of this material without express and written permission from Fortra is strictly prohibited.
Excerpts and links may be used, provided that full and clear credit is given to Fortra with appropriate and specific direction to the
original content.
202409160204
Table of Contents

About this Guide 6

Audience 6

How to use this guide 6

About the Data Classification Suite Use Cases 6

Create a Configuration 8

Target the Configuration to a user in your test environment 8

Create a Classification Schema 9

Schema Examples 9

Create the Classification Schema 12

Display an alert when a confidential email message is sent 22

Display an alert when an email message contains multiple attachments 28

Display an alert based on multiple conditions 33

Use a Dynamic Property to assign a value 38

Visual Markings 46

Apply Classification to a document 46

Apply a watermark to documents classified as restricted 51

Use Overlay icons to represent Classification 56

Apply a Portion Mark to an email message (Military Edition feature) 59

Apply a watermark when a document is uploaded to Dropbox 61

Advanced Portion Marking (Military Edition feature) 65

Display a Body Tag to email author before sending the message 74

Use Case Guide www.fortra.com page: 3

Table of Contents

Auto and suggested Classification 83

Assign a Classification to an email message 83

Assign a Classification to a document based on its location 87

Use the Task Pane to alert when Classification is changed 91

Insert metadata into emails, documents, and files 93

Document Server Properties 93

Add keywords to Microsoft Office documents 98

Set Classification during Patrol Scan 101

Add Box metadata to documents when uploaded to Box 105

Save Microsoft Office documents as PDF with classification metadata 108

Automated Content Protection (RMS and S/MIME) 113

Apply RMS Protection to documents 113

Digitally sign (and/or encrypt) emails 116

Apply Custom RMS to documents 120

Attachment checking 124

Check email attachments 124

Attachment checking with Upgrade Message remediation option 128

Check email attachments for keywords 139

Prevent attachments without Classification from being sent 148

Exclude images in email signatures from attachment checking 153

Apply Classifications to unclassified attachments 158

Apply Classification to an attachment manually 162

Safe Recipients checking 165

Use Case Guide www.fortra.com page: 4

 Table of Contents

Perform safe recipients checking based on email properties and metadata 165

Perform safe recipients based on an Active Directory attribute 169

Perform safe recipients checking based on Active Directory group membership 174

Content Validation 182

Scan emails for credit card numbers 182

Scan documents for project names 191

Scan files for Social Security Numbers 197

Data protection and user education 207

Allow the original classifier to downgrade the Classification of a document 207

Prevent document printing 217

Alert users when a document is opened 220

Reset the document classification after specified time interval 225

Block documents from uploading to cloud storage 229

Prevent Document Sharing 232

Upgrade from Titus Classification 3.x 236

Schema – Titus 3.5 and 4.x+ comparison table 236

Upgrade from Titus Message Classification 3.x 237

Upgrade from Titus Classification for Microsoft Office 3.x 243

Contacting Fortra 245

Use Case Guide www.fortra.com page: 5

 About this Guide / Audience

About this Guide

NOTE: Forinformation about how to install the Data Classification Suite and the
Administration Console refer to the Fortra's Data Classification Suite (DCS) for Windows
(On-premises) Deployment Guide and Fortra's Data Classification Suite (DCS)
Administration Console (On-premises) Deployment Guide respectively.

Audience
This guide is for Administrators who are using the Administration Console to create and
manage Configurations. The Administrator can create multiple Configurations and target
them to Active Directory users or groups in the organization. This guide is also useful to set
up a trial edition of the product.

How to use this guide

The use cases in this document have been designed to highlight the capabilities of Fortra's
DCS for Outlook (On-premises), Fortra's DCS for Office (On-premises), and Fortra's DCS for
Desktop (On-premises).

Administrators can use these use cases as a reference when building Policies or as a
training exercise in a testing environment.

Before you start the use cases:

l install the Administration Console

l install the Data Classification Suite on a Client desktop on a separate machine in the
test environment of your organization

Fortra's Data Classification Suite (DCS) for Windows (On-premises) Deployment Guide and
Fortra's Data Classification Suite (DCS) Administration Console (On-premises) Deployment
Guide.

About the Data Classification Suite Use Cases

The use cases are grouped into the following categories:

l Visual Markings
l Auto and Suggested Classification

Use Case Guide www.fortra.com page: 6

 About this Guide / About the Data Classification Suite Use Cases

l Inserting Metadata into Email, Documents, and Files

l Automated Content Protection (RMS and S/MIME)
l Attachment Checking
l Safe Recipients Checking
l Content Validation
l Data Protection and User Education

These use cases show how to configure the Policies to classify, protect, and confidently
share information, and meet regulatory compliance requirements by identifying and
securing unstructured data.

The following symbols are used to identify which client applications can be used to create
the use case.

This symbol is used to identify use cases that can be created using Fortra's DCS
for Outlook (On-premises)

This symbol is used to identify use cases that can be created using Fortra's DCS
for Office (On-premises)

This symbol is used to identify use cases that can be created using Fortra's DCS
for Desktop (On-premises)

Use Case Guide www.fortra.com page: 7

 Create a Configuration / Target the Configuration to a user in your test environment

Create a Configuration
A Configuration contains the building blocks that define how DCS appears and interacts
with users and content in client applications. A Configuration is a collection of targeted
users and groups, a Schema, Policies, and Application Settings.

For complete information about Configurations, refer to the Fortra's Data Classification
Suite (DCS) Administration Console (On-premises) User Guide.

From the Administration Console:

1. Select the Configurations tab.

2. Click New.
3. Enter a name for the Configuration. In this example we created a Configuration
named “My Company”.
4. Select the License Key provided to you from the dropdown list.
The license, issued to you upon purchase, enables the correct edition: Professional
or Military.
Your license must be uploaded on the Licensing tab in the Administration Console
before it can be applied to a Configuration.
Do not select the checkbox to enable the Configuration until it has been reviewed in
a test environment. A disabled Configuration can be assigned to a test user.

Target the Configuration to a user in your test

environment
1. Enter the name of the test user in the text box.
2. Click the check mark to make sure that the name is valid.
3. Click Add.
4. Save the Configuration.

Use Case Guide www.fortra.com page: 8

 Create a Classification Schema / Schema Examples

Create a Classification Schema

A Schema interacts with users on the Client desktop by allowing the user to select
Classification labels from a Classification Selector dialog or the Windows Explorer context
menu in DCS for Desktop. In this scenario, the organization has implemented a Schema to
classify their emails, documents, or files as Public, Internal, Confidential, or Restricted.

NOTE: ASchema is required in order to create a Configuration. You can create a Schema
without any Fields.

When the user selects a Classification label, this information is stored:

l in the X-Header of an email message

l in the document properties of a Microsoft Office document
l in the selected files if the file type is configured as write enabled using an Adapter

Schema Examples
Metadata Schema in Microsoft Outlook
The Classification Selector dialog appears in Microsoft Outlook when the Administrator has
created a Classification Schema and:

l A user chooses Select from the Advanced icon.

l A user selects a classification from the One Click Classification in the ribbon
l A user right clicks on an email attachment in Microsoft Outlook and chooses Select
(Microsoft Outlook 2016+ only).
l When a message is sent when one or more Fields are required and the user has not
already made a selection.
l When the Fields are set to required and the user has not already made a selection. It
also appears on Save if DCS for Outlook has been configured to force select on save.
NOTE: The Classification Selector dialog will also appear when an Outlook user sends an
inline message.

The user is able to select a Value assigned to the Field.

The following Fields and Values are used in this example:

Use Case Guide www.fortra.com page: 9

 Create a Classification Schema / Schema Examples

l Classify is the name of the Field defined by the Administrator.

l Public, General Business,Titus Internal, Confidential, and Restricted are the Values
that the user is able to select and apply to the email message.

Metadata Schema in Microsoft Office

The Classification Selector dialog appears in Microsoft Office when the Administrator has
created a Classification Schema and:

l A user chooses Select from the Advanced button in the Ribbon or Favorites task
pane.
l A user selects a classification from the One Click Classification in the ribbon
l On Save when one or more Fields are required and the user has not already made a
selection.
l When the Fields are set to “Required” and the user has not already made a selection.

The user is able to select a Value assigned to the Field.

The following Fields and Values are used in this example:

l Classify is the name of the Field defined by the Administrator.

l Public, General Business, Titus Internal, Confidential, and Restricted are the Values
that the user is able to select and apply to the document.

Use Case Guide www.fortra.com page: 10

 Create a Classification Schema / Schema Examples

Metadata Schema on the Client desktop

The Classification Selector dialog appears when the Administrator has created a
Classification Schema and when the user selects the Metadata Properties option on the
Windows Explorer context menu (“right-click” menu).

Selecting Metadata Properties from the file context menu launches the Classification
Selector Dialog as seen in the screenshot below.

The user is able to select a Value assigned to the Field.

The following Fields and Values are used in this example:

l Classify is the name of the Field defined by the Administrator.

l Public, General Business, Titus Internal, Confidential, and Restricted are the Values
that the user is able to select and apply to the file.
NOTE: If you are using Windows 11, Classify is located under Show more options.

Use Case Guide www.fortra.com page: 11

 Create a Classification Schema / Create the Classification Schema

This Schema has been configured so that when a user selects Public another Field is
displayed.

Apply Visual Markings is a Conditional Field that only appears in the Classification Selector
dialog when the user selects Public as the value for the Classification Field.

Create the Classification Schema

EXAMPLE: A Schema can only be created within a Configuration.

Use Case Guide www.fortra.com page: 12

 Create a Classification Schema / Create the Classification Schema

1. Click the Configurations tab.

2. Select the “My Company” Configuration.
3. Click Edit.

Create a new Schema

1. Select Schema from the side menu bar.

The Metadata Schema includes the Fields, Values, Tooltips, and Descriptions that appear in
the Classification Selector Dialog. “Classification” is an example of a Field name.

2. Click New.

3. Enter a name for the Schema.

4. Verify the Namespace URI.

Use Case Guide www.fortra.com page: 13

 Create a Classification Schema / Create the Classification Schema

The Namespace URI is an automatically generated unique identifier for Schemas using this
license. We recommend that the default Namespace URI is used unless your organization
plans to create multiple Schemas.

Create a Field

1. Click New in the Fields section of the page.

A Field is displayed to the user in the Classification Selector Dialog and can also be used as
part of a conditional expression for a Policy or Rule.

Configure the Field

1. Enter a name for the Field in the Field Name text box; in this example,
“CLASSIFICATION”. The Field Name text appears in the metadata stored by Data
Classification products. Field Names must begin with a letter and can only contain
letters and numbers. Spaces cannot be used in the Field Name.
2. Select “Text” from the Field Type dropdown list to create a text Field.
3. Enter the display text for the Field in the Display Text text box. This text appears in
the Classification Selector Dialog; it can also be referenced in Policies and used for
Protective Markings.
4. Enter a Tooltip in the Tooltip text box. Users are able to view this Tooltip when they
hover their mouse over the Field in the Classification Selector Dialog.
5. Enter a description in the Description text box.
6. This descriptive text provides users with more information about the correct use of
the Field. This text can be enabled or disabled by the user in the Classification
Selector Dialog.
7. Ensure that the Enabled checkbox is selected to display the Field in the
Classification Selector Dialog.
8. Select or leave unchecked the Required checkbox. When a Field is “Required” the
user must select a Value before sending the email message.

Use Case Guide www.fortra.com page: 14

 Create a Classification Schema / Create the Classification Schema

Create a Value for the Field

1. Click Add.

A Value is a label that is associated with a Field. For example, the Field “Classification” may
contain Values such as Public, Internal, Confidential, and Restricted.

Values can be selected and applied to an email message, document, or file.

Define the Value

1. Enter a Value which will be stored as metadata for this classification; in this
example, “PUBLIC”.

Use Case Guide www.fortra.com page: 15

 Create a Classification Schema / Create the Classification Schema

2. Enter the Display Text which will appear in the Classification Selector Dialog for
users to view; in this example, “Public”.
This text appears in the Classification Selector Dialog. Display text can contain
spaces and punctuation to make it appear more readable.
3. Enter a Tooltip.
Users are able to view this Tooltip when they hover their mouse over the Value in the
Classification Selector Dialog. The Tooltip helps users to more accurately select the
classification for the message. Tooltips should be short and concise.
4. Enter a Description for the Value.
This descriptive text provides users with more information about the correct use of
the Value. This text can be enabled or disabled by the user in the Classification
Selector Dialog.
5. Check the Selected checkbox to set the current Value as the default Value. A default
Value can only be selected when a Field is not “Required” (i.e., the Required
checkbox is not selected).

Create Alternate Display Name Text

In this example, we will create abbreviations as alternate names for each Value. These
abbreviations can be used with features such as Subject Labels and Portion Marks.

1. Click Add.
2. Enter a name for the Alternate Display Text group in the Name text box; for example,
“Abbreviations”.
3. Enter the abbreviation for the Value name; for example, “P”.
4. Click OK.

Create Additional Values for the Field

Repeat the previous steps to create the following Values for the CLASSIFICATION Field:

Use Case Guide www.fortra.com page: 16

 Create a Classification Schema / Create the Classification Schema

l Internal
l Confidential
l Restricted

Set the On Downgrade Action to Warn

1. Select On Downgrade in the Value Change Messages section.

2. Select Warn from the dropdown list.
3. Enter a message to warn the user that they are attempting to downgrade the
classification level of the email.
4. Click Save.

Use Case Guide www.fortra.com page: 17

 Create a Classification Schema / Create the Classification Schema

Create an Additional Field with Values

1. Navigate to the main Schema Page and create a Field called Department and add
three Values.
In this example we have created the following Values for the Field:
l Engineering
l Human Resources
l Finance

Use Case Guide www.fortra.com page: 18

 Create a Classification Schema / Create the Classification Schema

l Senior Managers

2. Once you have created the Field and its Values click the Save button at the bottom of
the Field Page.

Two Fields now exist for the Schema.

Configure Field Conditionality

Field Conditionality defines the relationships between Fields and Dependent Fields. A
Dependent Field is a Field that only appears when a Value from another Field is selected.

In this example the “DEPARTMENT” Field will only appear when the Value “Internal” is
selected from the “CLASSIFICATION” Field. Departments are not relevant to the other
classification Values.

Scroll down to the Field Conditionality section of the Schema Page.

1. Click Add.

Use Case Guide www.fortra.com page: 19

 Create a Classification Schema / Create the Classification Schema

Add a Field to Schema Conditionality

1. Select CLASSIFICATION as the Target Field from the first dropdown list.

2. Select the checkbox beside the Value Restricted.

Use Case Guide www.fortra.com page: 20

 Create a Classification Schema / Create the Classification Schema

This is the only selection because the Department Field only applies to email
messages that have been Classified as Restricted.
3. Select Department from the Dependent Field dropdown list.
4. Check all options:
l Engineering
l Human Resources
l Finance
l Senior Managers

5. Click Preview to display the Schema Field Preview.

The Schema Field Preview shows you Field Conditionality as it will appear to users now that
“DEPARTMENT” has been added as a Dependent Field of the “Restricted” Value of the
“CLASSIFICATION” Field.

Use Case Guide www.fortra.com page: 21

 Display an alert when a confidential email message is sent /

Display an alert when a confidential

email message is sent
This use case illustrates how Classification can be used to trigger an Action.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

NOTE: See
policy 2.3 Alert When Confidential Message Sent in sample
UseCasesGuide.TCF file.

Create the Policy

1. Select Policies from the side menu bar.

2. Click New to create a new Policy.

3. Enter a name for the Policy in the Policy Name text box; in this example, “Alert when
Confidential Message Sent”.
4. Enter a description of the purpose of the Policy in the Policy Description text box.
5. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
6. Select “Occurs when a message is sent” from the Policy Event dropdown list. This
Event that triggers the Policy.
7. Click Save and Continue.

Use Case Guide www.fortra.com page: 22

 Display an alert when a confidential email message is sent /

The Administrator can create a condition to specify when the Rules contained in the Policy
are run.

For this example, no conditions were created to define when the Rule is applied. The Rules
created for this Policy will be evaluated for each message that is sent.

Create the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.

Configure the Rule

1. Enter a name for the Rule; in this example, “Alert When Confidential Message Sent”.
This Rule Name indicates the purpose of the Rule.
2. Enter a Rule Description to further describe the purpose of the Rule.

Use Case Guide www.fortra.com page: 23

 Display an alert when a confidential email message is sent /

3. Select the Rule Active checkbox to enable the Rule. By default, Rules are disabled
when they are created.
4. Leave Repeat Rule unchecked.
Rules must be explicitly repeated if they apply to recipients or attachments. In this
use case it is not required that the Rule be repeated.
5. Click Save and Continue.

Create the Conditional Expression

The defined conditions must be evaluated as true in order to apply the Actions associated
with the Rule. In this use case Actions are only applied if the email message has been
classified as Confidential.

1. Click Edit in the Condition section of the page.

Create the Conditional Expression

Use Case Guide www.fortra.com page: 24

 Display an alert when a confidential email message is sent /

1. Click the Add Condition ( ) button.

2. Click the Properties dropdown arrow and select
“Message.Metadata.CLASSIFICATION”.
3. Select the “=” operator from the Operator dropdown list.
4. Enter “CONFIDENTIAL” in the Value text box.
5. Click OK.

Create and configure the Action

Actions perform functionality defined by the Administrator based on an event such as an

email being sent or started, or when the user changes the classification of a message. The
functions executed by each Action are unique to each Data Classification solution.

Actions also interact with the user via Warning Dialogs, Visual Markings, or by modifying the
email message on the Client desktop.

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

Use Case Guide www.fortra.com page: 25

 Display an alert when a confidential email message is sent /

2. Enter a name for the Action in the Action Name text box; in this example,
“Confidential Classification Alert”.
3. Enter a description of the Action in the Action Description text box. The description
should provide further detail about when and why the Action should be applied.
4. Leave the Policy Event as the default “Occurs when a message is sent”.
5. Select “Alert” from the Action Type dropdown list.
6. Save the Action.

Define the Action Parameters

1. Edit each parameter to match the image to the left.

Title – This is the title text for the Policy Warning Dialog.
Detailed Description – This is the message that describes the details of the policy
violation to users in the Policy Warning Dialog.
Expand Detailed Description - Set to Yes to have the detailed description appear by
default.
Enable Justification – Set to False by default. When True the user is permitted to
provide information about why they are disregarding the policy warning and still
sending the email message.
Severity – Possible values are Log Only, Warn, and Prevent. In this use case the user
will be warned when they violate the policy.
2. Click the Save button to save your changes.

Use Case Guide www.fortra.com page: 26

 Display an alert when a confidential email message is sent /

Select the Actions When True

1. Select “Confidential Classification Alert” in the Available Actions list box.

2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

EXAMPLE:
This Rule applies the Confidential Classification Alert Action when the message is sent
if the user selects “Confidential” classification from the Classification Selector Dialog.
As a result, an Alert appears.

Use Case Guide www.fortra.com page: 27

 Display an alert when an email message contains multiple attachments /

Display an alert when an email

message contains multiple
attachments
This use case illustrates that email properties can also be used to trigger an Alert on the
Client desktop. This is created using Fortra Data Classification for Microsoft Outlook for
Microsoft Outlook

NOTE: See
policy 2.4 Alert When Message has Multiple Attachments in sample
UseCasesGuide.TCF file.

Create the Policy

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the Policy Name text box; in this example, “Alert When
Message contains multiple attachments”.
3. Enter a description of the purpose of the Policy in the PolicyDescription text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
5. Select “Occurs when a message is sent” from the Policy Event dropdown list. This is
the Event triggers the Policy.
6. Click Save and Continue.

Create and Configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Alert When Message contains multiple
attachments”.

Use Case Guide www.fortra.com page: 28

 Display an alert when an email message contains multiple attachments /

3. Enter a Rule Description to further describe the purpose of the Rule.

4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Leave Repeat Rule unchecked.
Rules must be explicitly repeated if they apply to recipients or attachments. In this
use case it is not required that the Rule be repeated.
6. Click Save and Continue.

Create the Conditional Expression

The defined condition(s) must be evaluated as true in order to apply the Actions associated
with the Rule. In this use case Actions are only applied if the email message contains
multiple attachments.

1. Click Editin the Condition section of the page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select “Message.AttachmentCount”.
4. Select the greater than “>” operator from the Operator dropdown list.
5. Enter “1” in the Value text box.
6. Click OK.

Use Case Guide www.fortra.com page: 29

 Display an alert when an email message contains multiple attachments /

Create and configure the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Alert –
multiple attachments”.
3. Enter a description of the Action in the Action Description text box. The description
should provide further detail about when and why the Action should be applied.
4. Leave the Policy Event as the default “Occurs when a message is sent”.
5. Select “Alert” from the Action Type dropdown list.
6. Save the Action.

Use Case Guide www.fortra.com page: 30

 Display an alert when an email message contains multiple attachments /

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit each parameter to match the image to the left.

Title – This is the title text for the Policy Warning Dialog.
Detailed Description – This is the message that describes the details of the policy
violation to users in the Policy Warning Dialog.
Expand Detailed Description - Set to True if you want the detailed description to
appear by default.
Enable Justification – Set to False by default. When True the user is permitted to
provide information about why they are disregarding the policy warning and still
sending the email message.
Severity – Possible values are Log Only, Warn, and Prevent. In this use case the user
will be warned when they violate the policy.
2. Save your changes.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Alert – multiple attachments” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.
EXAMPLE:
An email is sent that contains more than one attachment. A warning is displayed to the
user.

Use Case Guide www.fortra.com page: 31

 Display an alert when an email message contains multiple attachments /

Use Case Guide www.fortra.com page: 32

 Display an alert based on multiple conditions /

Display an alert based on multiple

conditions
This use case illustrates that multiple conditions can be used to trigger an alert on the
Client desktop. The alert is displayed when an email message is classified as Confidential,
contains more than one attachment, and the total size of the attachments exceed 300 KB.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

NOTE: See
policy 2.5 Alert based on Multiple Conditions Policy in sample
UseCasesGuide.TCF file.

Create the Policy

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the Policy Name text box; in this example, “Alert
triggered by multiple Conditions”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
5. Select “Occurs when a message is sent” from the Policy Event dropdown list. This
Event triggers the Policy.
6. Click Save and Continue.

Create and configure the Rule

This Rule will combine email properties and classification metadata to trigger the Actions
associated with the Rule.

1. Click New in the Rules section of the page to create a Rule for the Policy.

Use Case Guide www.fortra.com page: 33

 Display an alert based on multiple conditions /

2. Enter a name for the Rule; in this example, “Alert When Message Contains Multiple
Conditions”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Leave Repeat Rule unchecked.
6. Rules must be explicitly repeated if they apply to recipients or attachments. In this
use case it is not required that the Rule be repeated.
7. Click Save and Continue.

Create the Conditional Expression

The defined conditions must be evaluated as true in order to apply the Actions associated
with the Rule. In this use case Actions are only applied if the email message is:

l classified as “CONFIDENTIAL", AND

l the message contains more than one attachment, AND
l the total size of the attachments exceeds 300 KB.
1. Click Edit in the Condition section of the page.
2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select
“Message.Metadata.CLASSIFICATION”.
4. Select the equal to “=” operator from the Operator dropdown list.
5. Enter “CONFIDENTIAL” in the Value text box.
6. Click the Add Condition ( ) button to add another condition. Ensure “AND” is
selected in the top left.
7. Select a property and an operator and type “1” to create the following expression:
8. Message.AttachmentCount > 1
9. Repeat steps 2 and 3 to add the final condition:

Use Case Guide www.fortra.com page: 34

 Display an alert based on multiple conditions /

Message.AttachmentTotalSizeKB > 300

Your conditional expression should match the image to the left.
9. Click OK.

Create the Action

1. Click New in the Actions When True section.

The Add/Edit ActAlion page appears.
2. Enter a name for the Action in the Action Name text box; in this example, “Alert for
multiple conditions”.
3. Enter a description of the Action in the Action Description text box. The description
should provide further detail about when and why the Action should be applied.
4. Leave the Policy Event as the default “Occurs when a message is sent”.
5. Select “Alert” from the Action Type dropdown list.
6. Save the Action.

Use Case Guide www.fortra.com page: 35

 Display an alert based on multiple conditions /

Configure the Action

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit each parameter to match the image to the left.

Title – This is the title text for the Policy Warning Dialog.
Detailed Description – This is the message that describes the details of the policy
violation to users in the Policy Warning Dialog.
Expand Detailed Description - Set to Yes to have the detailed description appear by
default.
Enable Justification – Set to False by default. When True the user is permitted to
provide information about why they are disregarding the policy warning and still
sending the email message.
Severity – Possible values are Log Only, Warn, and Prevent. In this use case the user
will be warned when they violate the policy.
2. Save your changes.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Alert for multiple conditions” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Use Case Guide www.fortra.com page: 36

 Display an alert based on multiple conditions /

EXAMPLE:
An email message is sent and classified as Confidential with a total size higher than
300k.

Use Case Guide www.fortra.com page: 37

 Use a Dynamic Property to assign a value /

Use a Dynamic Property to assign a

value
This example illustrates how to use a Dynamic Property to assign a value. The Dynamic
Property in this example prevents multiple messages from appearing in the Warning dialog.
The email author only needs to know if the message contains an external recipient. A
warning is not required for each external recipient instance.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

NOTE: See
policy 2.6 Use a Dynamic Property to Assign a Value in sample
UseCasesGuide.TCF file.

Create a Policy

This Policy searches for an external recipient in email messages that are classified as
Confidential.

1. Select Policies from the side menu bar and click New to create a new Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example,“External
Recipients on Confidential Email”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
5. Select “Occurs when a message is sent” from the Policy Event dropdown list. This
Event triggers the Policy.
6. Click Save and Continue.

Create the first rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “ExternalRecipient”.

Use Case Guide www.fortra.com page: 38

 Use a Dynamic Property to assign a value /

3. Enter a Rule Description to further describe the purpose of the Rule.

4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Leave Repeat Rule unchecked.
Rules must be explicitly repeated if they apply to recipients or attachments. This
Rule does not need to be repeated.
6. Click Save and Continue.

Create the Assign Dynamic Property for the first rule

In this example, if a message contains an external recipient, a value will be assigned that
can be used in a conditional expression.

Once you have created an “Assign” Dynamic Property, create a Property Assignment so the
Administrator can input values that Fortra's DCS does not provide out of the box.

1. Click Newin the Dynamic Properties section of the Add/Edit Rule page to create a
new Dynamic Property.
2. Enter the Dynamic Property Name; in this example, “ContainsExternalRecipient”. This
name will appear in the Condition Editor dropdown list.
3. Enter the Dynamic Property Description to further describe the purpose of the
Dynamic Property.
4. Select Assign from the Function dropdown list.

Define the Parameters for the Dynamic Property

Use Case Guide www.fortra.com page: 39

 Use a Dynamic Property to assign a value /

1. Select the Value parameter and click Edit.

2. Enter “False” in the Value text box.

3. Click OK.
4. Click Save.

Create the Conditional Expression for the first rule

The defined condition(s) must be evaluated as true in order to apply the Action(s)
associated with the Rule.

1. Click Editin the Condition section of the page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select
“Message.Metadata.CLASSIFICATION”.
4. Select the “=” operator from the Operator dropdown list.
5. Enter “CONFIDENTIAL” in the Value text box.
6. ClickOK.
7. Click Save.

Use Case Guide www.fortra.com page: 40

 Use a Dynamic Property to assign a value /

Create a second rule or child rule of External Recipient

1. Select the parent rule (in this case “External Recipient”) and click New.
2. Enter a name for the Rule; in this example, “Scan for External Recipients”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule.
5. Select the Repeat Rule checkbox.
Rules must be explicitly repeated if they apply to recipients or attachments. In this
use case the Rule must be repeated so that each message recipient is evaluated by
the Rule.
6. Select “Message.Recipient” from the dropdown list.
7. Click Save and Continue.

Create the Conditional Expression for the second rule

1. Click Editin the Condition section of the page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select “Message.Recipient.Domain”.
4. Select the does not equal “!=” operator from the Operator dropdown list.
5. Enter “titus.com” in the Value text box.
6. Click OK.

Create the “Assign” Dynamic Property for the second rule

1. Click New in the Dynamic Properties section of the Add/Edit Rule page to create a
new Dynamic Property.

Use Case Guide www.fortra.com page: 41

 Use a Dynamic Property to assign a value /

2. Enter the Dynamic Property Name; in this example, “ContainsExternalRecipient”.

3. Enter the Dynamic Property Description.
4. Select “Assign” from the Function dropdown list.
5. Click OK.
6. Click Save.

Define the Parameters for the Dynamic Property

1. Select the Value parameter and click the Edit button.

2. Enter “True” in the Value text box.
3. Click OK.
4. Save the Dynamic Property.

Create a third rule or child rule for Scan for External Recipients

1. Select the parent Rule (in this case “Scan for External Recipients”) and click New.
2. Enter a name for the Rule; in this example, “Alert User”.
3. Enter a Rule Ddescription to further describe the Rule.
4. Select the Rule Active checkbox to enable the Rule.
5. Leave Repeat Rule unchecked.
6. Click Save and Continue.

Use Case Guide www.fortra.com page: 42

 Use a Dynamic Property to assign a value /

Create the Conditional Expression for the third rule

1. Click the Edit button in the Condition section of the page.

2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select “ContainsExternalRecipient”.
4. Select the “=” operator from the Operator dropdown list.
5. Enter “true” in the Value text box.
6. Click OK.

Create the Action

1. Click Newin the Actions When True section.

The Add/Edit Action page appears.
2. Enter a name for the Action in the Action Name text box; in this example, “Alert
users”.
3. Enter a description of the Action in the Action Description text box. The description
should provide further detail about when and why the action should be applied.
4. Leave the Policy Event as the default “Occurs when a message is sent”.
5. Select “Alert” from the Action Type dropdown list.

Use Case Guide www.fortra.com page: 43

 Use a Dynamic Property to assign a value /

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit each parameter to match the image to the left.

Title – This is the title text for the Policy Warning Dialog.
Detailed Description – This is the message that describes the details of the policy
violation to users in the Policy Warning Dialog.
Expand Detailed Description - Set to True if you want the detailed description to
appear by default.
Enable Justification – Set to False by default. When True the user is permitted to
provide information about why they are disregarding the policy warning and still
sending the email message.
Severity – Possible values are Log Only, Warn, and Prevent. In this use case the user
will be warned when they violate the policy.
2. Save the Action.

EXAMPLE:
A user attempted to send a message to multiple external recipients. The Dynamic
Function is used to ensure that only one message appears in the Warning dialog.

Use Case Guide www.fortra.com page: 44

 Use a Dynamic Property to assign a value /

Use Case Guide www.fortra.com page: 45

 Visual Markings / Apply Classification to a document

Visual Markings
Visual Markings include Headers/Footers, Document Markings, Watermarks, Subject Labels,
Portion Marks, and Overlay Icons. These protective markings are designed to promote
security awareness, accountability, and ensure proper handling of corporate information.

Policies can be created to automatically apply Visual Markings and handling instructions to
content to ensure that the sensitivity and business value of corporate information is
identified.

Visual Markings Polices can be fine-tuned to accommodate specific business requirements.

Visual markings can be applied:

l when the user selects a Classification

l when a Classification is automatically applied
l independent of classification

Apply Classification to a document

This use case illustrates howFortra's DCS for Office (On-premises) can identify the
document classification on Save using Document Marking. In this example, we use a
Document Marking Action to apply the classification to an existing header. This Action is
used to insert a text box in the Word document. This text box can be placed in the document
without any impact on existing Headers and Footers.

This is created using DCS for Office

NOTE: See policy 3.1 Apply Document Markings in sample UseCasesGuide.TCF file.

Use Case Guide www.fortra.com page: 46

 Visual Markings / Apply Classification to a document

Create a Policy

This Policy will apply the document markings on Save.

1. Select Policies from the side menu bar and click the New button to create a Policy.
2. Enter a name for the Policy in the Policy Name text box; in this example, “Apply
Document Markings”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs before any open document is saved” from the Policy Event dropdown
list. This Event that triggers the Policy.
6. Click the Save and Continue button.

Create and configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Apply Document Markings”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click Save and Continue.

Use Case Guide www.fortra.com page: 47

 Visual Markings / Apply Classification to a document

Create the Action

1. Click the New button in the Actions When True section.

2. The Add/Edit Action page appears.

3. Enter a name for the Action in the Action Name text box; in this example, “Apply
Document Marking to document header”.
4. Enter a description in the Action Description text box. The description should provide
further detail about when and why the action should be applied.
5. Select “Occurs before any open document is saved” from the Policy Event dropdown
list.
6. Select “Apply Document Markings” from the Action Type dropdown list.

Use Case Guide www.fortra.com page: 48

 Visual Markings / Apply Classification to a document

Define the Action Parameters

For this use case we will update only two parameters: Content and Pages.

1. Click Content in the Parameters section of the page and click the Edit button.
2. In the Edit Parameter Value window, enter the property or text you want to use in the
Document Marking. Use the down arrow icon to select an available property from the
list.
3. In this example the Administrator selected the
Document.Metadata.CLASSIFICATION property which will insert the classification in
the header of the document.
4. Click OK .

Use Case Guide www.fortra.com page: 49

 Visual Markings / Apply Classification to a document

5. Click the Pages parameter and click Edit.

6. Select both “Odd” and “Even” from the list. Use Ctrl+Click to select more than one
option.
NOTE: “First” should only be selected if your organization uses a template that
contains a unique Header/Footer on the First Page of all documents. If “First” is
selected and the “Different First Page” option is not selected, Document Marking
will replace any existing Headers/Footers in the document.

7. Click OK.
8. Click Save to save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Apply Document Markings” from the Available Actions list box.
2. Click the arrow to move the selected Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Use Case Guide www.fortra.com page: 50

 Visual Markings / Apply a watermark to documents classified as restricted

EXAMPLE:
When the document is saved a Document Marking indicating the classification is
inserted in the header. This Document Marking is applied as a text box in the header
region of the document. It does not have any impact on existing Headers in the
document.

Apply a watermark to documents classified as

restricted
This use case illustrates how Fortra's DCS for Office (On-premises) can automatically apply
a Watermark to Restricted documents when they are closed.

This is created using DCS for Office

NOTE: See
policy 3.2 Visual Markings for Restricted Documents in sample
UseCasesGuide.TCF file.

Use Case Guide www.fortra.com page: 51

 Visual Markings / Apply a watermark to documents classified as restricted

Create the Policy

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the Policy Name text box; in this example, “Document
Visual Markings”.
This Policy will contain a Rule that defines the conditions when the “Document
Visual Markings” Action is applied.
3. Enter a description of the purpose of the Policy in the Policy Descriptions text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
5. Select “Occurs when the currently active document is being closed” from the Policy
Event dropdown list.
6. Click the Save and Continue button.

The Administrator can create a condition to specify when the Rules contained in the Policy
are run. Conditions are defined at the Policy level to define when Rules are invoked.

For this example we did not create any conditions to define when the Rule is applied. The
Rule(s) created for this Policy will be evaluated for each document before it is saved.

Create and configure the Rule

Use Case Guide www.fortra.com page: 52

 Visual Markings / Apply a watermark to documents classified as restricted

1. Click the New button in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Apply Watermark to Restricted
documents”.
3. Enter a Rule Description to further describe the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click the Save and Continue button.

Create the Conditional Expression

The defined condition(s) must be evaluated as true in order to apply the Action(s)
associated with the Rule.

1. Click the Edit button in the Condition section of the Add/Edit Rule page.

2. Click the Add Condition ( ) button.

3. Click the Properties dropdown arrow and select
“Document.Metadata.CLASSIFICATION”.
4. Select the “=” operator from the Operator dropdown list.

Use Case Guide www.fortra.com page: 53

 Visual Markings / Apply a watermark to documents classified as restricted

5. Enter “RESTRICTED” in the Value text box.

6. Click the OK button.

Create the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Apply
Watermark on Close”.
3. Enter a description of the Action in the Action Description text box. The description
should provide further detail about when and why the action should be applied.
4. Select “Occurs when the currently active document is being closed” from the Policy
Event dropdown list.
5. Select “Apply Watermark” from the Action Type dropdown list.

Use Case Guide www.fortra.com page: 54

 Visual Markings / Apply a watermark to documents classified as restricted

Define the Action Parameters

1. Select the Content parameter and click the Edit button.

2. Enter the text you want to display as a Watermark in the Value text box.
The Administrator can enter plain text into the Value text box or replaceable
parameters.
In this example the Administrator has inserted a Field Code; this will insert the
classification selected by user as the Watermark.
The HTML tag “<br>” is also supported. It is used to manually insert a line break in
the watermark. The following will apply a watermark with the classification on the
first line and the user name of the person currently logged into Microsoft Windows
on the second line:
{{Document.Metadata.CLASSIFICATION}}<br>{{UserName}}
3. Click the OK button to save the Action parameter.
4. Click the Save button to save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Apply Watermark on Close” from the Available Actions list box.
2. Click the arrow to move the selected Action to the Selected Actions list box.

Use Case Guide www.fortra.com page: 55

 Visual Markings / Use Overlay icons to represent Classification

3. Click the OK button.

4. Save the Rule and Policy.

EXAMPLE:
The document contains a Watermark with two lines: the classification on the first and
the user name on the second.

Use Overlay icons to represent Classification

Use Case Guide www.fortra.com page: 56

 Visual Markings / Use Overlay icons to represent Classification

This use case illustrates how to select and define the parameters associated with an
Overlay Icon. DCS provides seven Overlay icons.

This is created using Fortra Data Classification for Microsoft Outlook for Desktop

NOTE: See
policy 3.3 Overlay Icons to Represent Classification in sample
UseCasesGuide.TCF file.

Create a new Overlay Icon

1. Select Application Settings from the side menu bar.

2. Find Desktop Add-In Settings in the “Feature Name” column and click Edit in the
“Desktop” column.
3. Scroll to the Overlay Icons Settings section at the bottom of the page.
4. Click the first Overlay Icon dropdown arrow and select an icon from the list.
5. In the Overlay Condition textbox, enter the condition defining when the Overlay Icon
is applied.
To apply the icon when the file contains metadata with a specific Value enter the
following condition:
File.Metadata.FIELDNAME==Value, for example:
File.Metadata.CLASSIFICATION==PUBLIC
To apply the icon when the file contains any metadata with any Value enter the
following condition:
File.Metadata != ""
To apply the icon when the file contains no metadata enter the following condition:
File.Metadata == ""
6. Click Save.

To view the Overlay icon on a file

1. Right-click a file.
2. Select a Classification Value.

Use Case Guide www.fortra.com page: 57

 Visual Markings / Use Overlay icons to represent Classification

When a user clicks on a Flyout Menu item, the metadata value is applied to the file. Once the
metadata has been applied to the file a checkmark appears beside the selected Flyout
Menu items.

If icon overlay is enabled the icon will appear on the file indicating that it contains Fortra
Data Classification for Desktop metadata.

NOTE: If
you are using Windows 11, Classification values are located under Show more
options.

If Icon Overlays are enabled, documents that contain Fortra Data Classification for Desktop
metadata are identified with an icon. The icons provided by DCS appear in the bottom left
corner.

Use Case Guide www.fortra.com page: 58

 Visual Markings / Apply a Portion Mark to an email message (Military Edition feature)

Apply a Portion Mark to an email message (Military

Edition feature)
This use case illustrates how to configure Portion Marking for Microsoft Outlook users.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

NOTE: See 3.4 Apply a Portion Mark to an Email in sample UseCasesGuide.TCF file.

NOTE: Thisuse case can only be performed using a Fortra Data Classification for
Microsoft Outlook Military license.

Enable and configure Portion Marking

1. Select Application Settings from the side menu bar.

2. Find Portion Marking in the “Feature Name” column and click Edit in the “Outlook”
column.
3. Select the Enable Portion Marking checkbox.
Impose Upgrade messages is selected by default. This setting is used to preserve or
disable the change, upgrade, and downgrade behavior defined for the Field when
creating a Portion Mark.
4. Click in the Portion Mark Formatting text box.
The Portion Mark Formatting string defines what will appear in the Portion Mark. You
can include Classification Fields and indicate any Alternate Labels for the selected
Field Code.
To display in a Portion Mark as an abbreviation such as (P) for Public, the Portion
Marking string would appear as:
{{Message.Metadata.CLASSIFICATION|Alt=Abbreviations}}
“Abbreviations” is the name for the Alternate text group created for the classification
Field Values.
5. Click the Save button at the bottom of the page.

Use Case Guide www.fortra.com page: 59

 Visual Markings / Apply a Portion Mark to an email message (Military Edition feature)

Enable the Options tab

1. Select Application Settings from the side menu bar.

2. Find Ribbons Settings in the “Feature Name” column and click Edit in the “Outlook”
column.
3. Select the Enable Options Ribbon Group checkbox. This causes the Portion Marking
icon to appear in the Ribbon.
4. Click the Save button at the bottom of the page.

Adding Portion Marks to an email in Microsoft Outlook

The Portion Marking feature is used to classify a portion of an email message. Using
Portion Marks in this way enables users to label specific portions of an email clearly and
with a high level of granularity.

When the Options Ribbon Group is enabled the Add Portion Mark button appears in the
Ribbon.

1. Place your cursor where you would like the Portion Mark to appear. The Portion Mark
will be inserted before, after, or before and after the paragraph depending on how the
feature was configured in Application Settings.

Use Case Guide www.fortra.com page: 60

 Visual Markings / Apply a watermark when a document is uploaded to Dropbox

2. Click Add Portion Mark in the Ribbon at the top of the pane.
The Portion Marking window appears.
3. Select a classification.
4. Click OK.

EXAMPLE:
A user has Portion Marked each paragraph. Notice that the Portion Marks appear as
Alternate Display Text. The Portion Marks have been configured to display
abbreviations.

Apply a watermark when a document is uploaded to

Dropbox

Use Case Guide www.fortra.com page: 61

 Visual Markings / Apply a watermark when a document is uploaded to Dropbox

This use case illustrates how to apply a Watermark to documents when they are uploaded
to Dropbox.

It was created using DCS for Office.

NOTE: To perform this procedure a Cloud Storage Activation key is required in addition to
the license file.

NOTE: See policy 3.5 Watermark to Dropbox Documents in sample UseCasesGuide.TCF

file.

Configure the Cloud Services settings

1. Select Application Settings from the side menu bar.

2. Find Cloud Services Settings in the Feature Name column and click Edit in the Global
column.
3. Select the Enable Dropbox Integration checkbox.
4. Click the Save button at the bottom of the page.

Enable the Options Ribbon

1. Select Application Settings from the side menu bar.

2. Find Ribbons Settings in the Feature Name column and click Edit in the Global
column.
3. Select the Enable Options Ribbon Group checkbox.
This option must be enabled in order to display the Upload button in the Ribbon.
4. Click the Save button at the bottom of the page.

Create the Policy

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Apply
Watermark to Dropbox Documents”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.

Use Case Guide www.fortra.com page: 62

 Visual Markings / Apply a watermark when a document is uploaded to Dropbox

5. Select “Occurs when a document is uploaded to file storage in the cloud” from the
Policy Event dropdown list. This Event triggers the Policy.
6. Click Save and Continue.

Create and configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Apply Watermark to Dropbox
Documents”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click Save and Continue.

Create the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Apply
Watermark to Dropbox Documents”.
3. Enter a description of the Action in the Action Description text box.

Use Case Guide www.fortra.com page: 63

 Visual Markings / Apply a watermark when a document is uploaded to Dropbox

4. Select “Occurs when a document is uploaded to a file storage in the cloud” Policy
Event. This Event triggers the Action.
5. Select “Apply Watermark” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.
For this use case, only the Content parameter is changed.

1. Click Content in the Parameters section of the page and click the Edit button.
2. In the Edit Parameter Value window, enter the property/text you want to use for the
Watermark. Use the down arrow icon to select an available property from the list; in
this example:
[Document.Metadata.CLASSIFICATION]
3. Click the OK button to save the changes to the Action parameter.
4. Click the Save button to save the Action.

EXAMPLE:
A Watermark indicating the document classification appears when the user clicks
Upload.

Use Case Guide www.fortra.com page: 64

 Visual Markings / Advanced Portion Marking (Military Edition feature)

Advanced Portion Marking (Military Edition feature)

This use case illustrates how to configure Portion Marking to insert a new Value when all of
the options available in a multiselect are checked. For this use case we created a new
Configuration and Schema.

This is created using DCS for Office.

NOTE: See policy 3.6 Advanced Portion Marking in sample UseCasesGuide.TCF file.

NOTE: Thisuse case can only be performed using a Fortra's DCS for Desktop (On-
premises) Military license.

Create a New Configuration and Schema

1. Create a new Configuration. See Create a Configuration for more information.

2. Create a new Schema See Create the Classification Schema on page 12 for more
information.
NOTE: Remember to set Maximum Selection to 5 so that users can make multiple
selections.

3. Create the Field Releasableto with the values:

l Australia
l Canada
l New Zealand

Use Case Guide www.fortra.com page: 65

 Visual Markings / Advanced Portion Marking (Military Edition feature)

l United Kingdom
l United States

Enable and Configure Portion Marking

NOTE: Clearthe “Use Global Settings” checkbox before changing Word: Portion Marking
or Word: Ribbon Settings.

1. Select Application Settings from the side menu bar.

2. Find Portion Marking in the “Feature Name” column and click Edit in the “Word”
column.
3. Select the Enable Portion Marking checkbox.
4. Enter {{Document.Metadata.Releasableto}} in the Portion Mark Formatting text box.
5. Select the Use only Portion Marking Policies checkbox.
6. Click the Save button at the bottom of the page.

Use Case Guide www.fortra.com page: 66

 Visual Markings / Advanced Portion Marking (Military Edition feature)

Enable the Options tab

1. Select Application Settings from the side menu bar.

2. Find Ribbons Settings Marking in the “Feature Name” column and click Edit in the
“Word” column.
3. Select the Enable Options Ribbon Group checkbox.
4. Click the Save button at the bottom of the page.

Create the Policy

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Five Eyes
Portion Marking”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs when a portion mark is added, edited, or deleted in a document” from
the Policy Event dropdown list. This Event triggers the Policy.
6. Click the Save and Continue button.

Use Case Guide www.fortra.com page: 67

 Visual Markings / Advanced Portion Marking (Military Edition feature)

Create and Configure the First Rule

1. Click the New button in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Apply Portion Mark to documents”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click the Save and Continue button.

Create the Conditional Expression for the first rule

This Condition specifies that the Rule is only applied when all of the options in the
Releasable to multiselect Field are not selected.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select
“PortionMark.Metadta.Releasableto”.
4. Select the “!=” operator from the Operator dropdown list.
5. Enter “Australia;Canada;New Zealand;United Kingdom;United States” in the Value
text box.
6. Click the OK button.

Use Case Guide www.fortra.com page: 68

 Visual Markings / Advanced Portion Marking (Military Edition feature)

Create the Apply PM Action

1. Click the New button in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Apply PM”.
3. Enter a description of the Action in the Action Description text box.
4. Select “Occurs when a Portion Mark is added, edited, or deleted in a document” from
the Policy Event dropdown list. This Event triggers the Action.
5. Select “Apply Portion Mark” from the Action Type dropdown list.

Define the Action Parameters

1. Edit the parameter Values to match the image on the left.

2. Click OK to save changes to each Action parameter.
3. Click Save to save the Action.

Create the Apply PM Metadata Action

Use Case Guide www.fortra.com page: 69

 Visual Markings / Advanced Portion Marking (Military Edition feature)

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Apply PM
Metadata”.
3. Enter a description of the Action in the Action Description text box.
4. Select “Set Classification” from the Action Type dropdown list.

Define the Action Parameters

1. Edit the parameter Values to match the image on the left.

2. Click OK to save changes to each Action parameter.
3. Change the Classification to set parameter value to
“Releasableto=PortionMark.Metadata.Releasableto”.
4. Click Save to save the Action.

Create and Configure the second rule

1. Click the New button in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Apply Five Eyes Portion Mark”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.

Use Case Guide www.fortra.com page: 70

 Visual Markings / Advanced Portion Marking (Military Edition feature)

5. Click Save and Continue.

Create the Conditional Expression for the second rule

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select
“PortionMark.Metadata.Releasableto”.
4. Select the “contains” operator from the Operator dropdown list.
5. Enter “Australia” in the Value text box.
6. Repeat for each of the four remaining Values. Ensure that “AND” is selected in the
top dropdown list.
7. Click the OK button.

Add the Action for the second rule to add the Portion Mark metadata

1. Click Add/Edit in the Actions When True section.

Use Case Guide www.fortra.com page: 71

 Visual Markings / Advanced Portion Marking (Military Edition feature)

2. Select the “Apply PM Metadata” Action from the list of available actions and move it
to the Selected Actions list.

Create a new Action for the second rule

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Apply
portion marking five eyes”.
3. Enter a description of the Action in the Action Description text box.
4. Select “Occurs when a Portion Mark is added, edited, or deleted in a document” from
the Policy Event dropdown list. This Event triggers the Action.
5. Select “Apply Portion Mark” from the Action Type dropdown list.

Define the Action Parameters

1. Change the Portion Mark Formatting parameter value to “Five Eyes”.

Use Case Guide www.fortra.com page: 72

 Visual Markings / Advanced Portion Marking (Military Edition feature)

2. Click OK to save changes to this Action parameter.

3. Click Save to save the Action.

Select the Actions When True

1. Select “Apply Five Eyes Portion Marking” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.
EXAMPLE:
The user has selected to include all five Values in the Portion Mark.

When all five options are selected, “Five Eyes” is inserted as the Portion Mark.

Use Case Guide www.fortra.com page: 73

 Visual Markings / Display a Body Tag to email author before sending the message

When only one option is selected, the original Value is inserted as the Portion Mark.

Display a Body Tag to email author before sending the

message
This use case describes how to update the Body Tag when the message author changes the
Classification. A Body Tag is applied to ensure that its contents are current and changes
have not been made.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

Create a default Classification

1. Select Schema from the side menu bar.

2. Select the desired Schema from the list that appears; in this example, “My Company
Schema”.
3. Click Edit.

Use Case Guide www.fortra.com page: 74

 Visual Markings / Display a Body Tag to email author before sending the message

4. Select the Field “CLASSIFICATION”.

5. Click Edit.

6. Select “PUBLIC” from the list of Values.

7. Click Edit.

Use Case Guide www.fortra.com page: 75

 Visual Markings / Display a Body Tag to email author before sending the message

8. Select the Selected checkbox to set the default Classification of messages to

“Public”.
10. Save the Field and the Schema.

Create the first policy

NOTE: See
policy 3.7-1 Display Body Tag To Email before sent in
sampleUseCasesGuide.TCF file.

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
NOTE: Only use this Policy if you have configured the Schema to include a default
classification.

2. Enter a name for the Policy in the Policy Name text box; in this example, “Display
Body Tags in Email before it is sent”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs when a new message is started” from the Policy Event dropdown list.
This Event triggers the Policy.
6. Click Save and Continue.

Create and configure the Rule for the first policy

Use Case Guide www.fortra.com page: 76

 Visual Markings / Display a Body Tag to email author before sending the message

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Display Body Tag to email author”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Leave Repeat Rule unchecked.
Rules must be explicitly repeated if they apply to recipients or attachments. In this
use case repetition of the Rule is not required.
6. Click Save and Continue.

Create the Action

1. Click Newin the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Body Tag”.
3. Enter a description of the Action in the Action Description text box.
4. Select “Occurs when a new message is started” from the Policy Event dropdown list.
This Event triggers the Action.
5. Select “Body Tagging” from the Action Type dropdown list.
6. Save the Action.

Configuring the Action

Action parameters are configured by selecting the parameter and clicking the Edit button.

Use Case Guide www.fortra.com page: 77

 Visual Markings / Display a Body Tag to email author before sending the message

1. Edit the parameters to match the image to the left.

HTML Content – The text that will appear in the Body Tag. Use the dropdown arrow
to select available properties.
Tag Location – By default Header is selected.
Border – Select “Yes” to include a border around the Body Tag.
2. Save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Body Tag” from the Available Actions list box.

2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Create the second policy

This Policy updates the Body Tags in an email when the classification is changed.

NOTE: See
policy 3.7-2 Update Body Tag When Classification changed in sample
UseCasesGuide.TCF file.

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Update
Body Tags when Classification is changed”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.

Use Case Guide www.fortra.com page: 78

 Visual Markings / Display a Body Tag to email author before sending the message

4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs when user changes the classification of a message” from the Policy
Event dropdown list. This Event triggers the Policy.
6. Click Save and Continue.

Create and configure the Rule for the second policy

This Rule is used to update the classification when the Classification of a message is
changed.

NOTE: See
policy 3.7-3 Apply Body Tag When a Message is sent in sample
UseCasesGuide.TCF file.

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Update Body Tags when Classification is
changed”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Leave Repeat Rule unchecked.
6. Click Save and Continue.

Select the Actions When True

1. Click the Add/Edit button in the Actions When True section of the Rule.
2. Select “Body Tag” from the Available Actions list box.
3. Click the arrow to move the Action to the Selected Actions list box.
4. Click OK.
5. Save the Rule and Policy.

Use Case Guide www.fortra.com page: 79

 Visual Markings / Display a Body Tag to email author before sending the message

Create the third policy

This Policy updates the Body Tags in an email when the message is sent.

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Apply Body
Tag When a Message is Sent”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs when message is sent” from the Policy Event dropdown list. This
Event triggers the Policy.
6. Click Save and Continue.

Use Case Guide www.fortra.com page: 80

 Visual Markings / Display a Body Tag to email author before sending the message

Create and configure the Rule for the third policy

This Rule is used to update the classification when the message is sent.

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Apply Body Tag When a Message is
Sent”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Leave Repeat Rule unchecked.
6. Click Save and Continue.

Select the Actions When True

1. Click Add/Edit button in the Actions when True section of the Rule.
2. Select “Body Tag” from the Available Actions list box.
3. Click the arrow to move the Action to the Selected Actions list box.
4. Click OK.
5. Save the Rule and Policy.

Use Case Guide www.fortra.com page: 81

 Visual Markings / Display a Body Tag to email author before sending the message

1. .
EXAMPLE:
By default, the message contains a Body Tag.

When the message author changes the Classification from the default, the Body Tag is
automatically updated. The Body Tag is updated once again on Send to ensure the
contents of the marking have not been edited by the message author.

Use Case Guide www.fortra.com page: 82

 Auto and suggested Classification / Assign a Classification to an email message

Auto and suggested Classification

Auto Classification ensures that regulations, standards, and international security standards
are met. Suggested Classification prompts users to consider a classification based on the
content identified in a Policy.

Assign a Classification to an email message

This use case illustrates that email properties in the message can be used to apply a
classification label to an email message.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

NOTE: See
policy 4.1 Assign a Classification to an Email in sample
UseCasesGuide.TCF file.

Create the Policy

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Classify
Email sent to the Fortra domain”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs when message is sent” from the Policy Event dropdown list. This
Event triggers the Policy.

Use Case Guide www.fortra.com page: 83

 Auto and suggested Classification / Assign a Classification to an email message

6. Click Save and Continue.

Create and configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Check Recipient Domain”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Select the Repeat Rule checkbox.
Rules must be explicitly repeated if they apply to recipients or attachments. In this
use case the Rule must be repeated so that each recipient in the email message is
evaluated by the Rule.
6. Select “Message.Recipient” from the dropdown list.
7. Click Save and Continue.

Create the Conditional Expression

The defined condition must be evaluated as true in order to apply the Action(s) that have
been associated with the Rule. In this use case Actions are only applied if the email
message recipient is fortra.com.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select “Message.Recipient.Domain”.
4. Select the “=” operator from the Operator dropdown list.
5. Enter “fortra.com” in the Value text box.
The conditional expression should match the image.
6. Click OK.

Use Case Guide www.fortra.com page: 84

 Auto and suggested Classification / Assign a Classification to an email message

Create the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Classify
email sent to the Fortra domain”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a message is sent” from the Policy Event dropdown list. This
Event triggers the Action.
5. Select “Set Message Classification” from the Action Type dropdown list.

Define the Action Parameters

Use Case Guide www.fortra.com page: 85

 Auto and suggested Classification / Assign a Classification to an email message

1. Edit the parameters to match the image to the left.

l Reason – Contains the text that is displayed to explain to the user why the
classification was changed.
l Classification to set – Field Name and the Value (“Field Name = Value”) to
which the classification will be set when this Action is applied.
l Suggest – When True the user is able to confirm or reject the classification
suggested by the Policy.
l Alert on Failed – Contains the alert that is displayed to the user in the event
that the Metadata Schema rules conflict with the classification to set.
l Enable Justification – Set to False by default. When True the user is permitted
to provide information about why they are disregarding the policy warning and
still sending the email message.
Action on Failed – Set to “Warn” to warn the user when they violate the Policy.
2. Save the Action.

Select the Actions When True

1. Select “Classify email sent to the Fortra domain” from the Available Actions list box.
2. Click the arrow to move this Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Use Case Guide www.fortra.com page: 86

 Auto and suggested Classification / Assign a Classification to a document based on its location

EXAMPLE:
In this example a user has attempted to send an email message using the default
classification “Public”.

Because the message is being sent to a recipient with the Fortra.com domain, the email
classification is automatically set to Internal.

Assign a Classification to a document based on its

location
This use case illustrates that a classification can be assigned to a document based on its
location.

NOTE:
Microsoft Word and Excel are able to open non-Office filetypes like TXT, RTF, and CSV.
When these files are classified and saved from inside of Microsoft Word or Excel,
metadata, including classification and custom properties, is not retained.

See 4.2 Classify documents based on location in sample UseCasesGuide.TCF file.

This is created using DCS for Office

Use Case Guide www.fortra.com page: 87

 Auto and suggested Classification / Assign a Classification to a document based on its location

Create the Policy

1. Select Policies from the side menu bar and click New to create a new Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Classify
documents based on location”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs when a document is opened” from the Policy Event dropdown list.
This Event triggers the Policy.
6. Click Save and Continue.

Create and configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Set Classification – Internal”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click Save and Continue.

Use Case Guide www.fortra.com page: 88

 Auto and suggested Classification / Assign a Classification to a document based on its location

Create the Conditional Expression

The defined condition must be evaluated as true in order to apply the Actions that have
been associated with the Rule. In this use case Actions are only applied if the document is
opened from the following location:

\\Shared Resources\Human Resources\Employees by Department\Bonus and Salary

Information

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select “Document.Path”.
4. Select the “contains” operator from the Operator dropdown list.
5. Enter the path in the Value text box (as above). Note: Only UNC paths are supported.
6. Click OK.

Use Case Guide www.fortra.com page: 89

 Auto and suggested Classification / Assign a Classification to a document based on its location

Create the Action

1. Click New in the Actions When True section.

2. Click New in the Actions When True section.

3. Enter a name for the Action in the Action Name text box; in this example, “Classify
documents based on location”.
4. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
5. Select the default “Occurs when a document is opened” Policy Event. This Event
triggers the Action.
6. Select “Set Classification” from the Action Type dropdown list.

Define the Action Parameters

Use Case Guide www.fortra.com page: 90

 Auto and suggested Classification / Use the Task Pane to alert when Classification is changed

1. Edit the parameters to match the image to the left.

l Reason – The text that is displayed to explain to the user why the classification
was changed or to suggest to the user to review the update.
l Classification to set – Field Name and the Value, (“Field Name = Value”) to
which the classification will be set when this Action is applied.
l Suggest – When False the user does not have the option to confirm or reject
the classification suggested by the Policy.
2. Save the Action.

Select the Actions When True

1. Select “Classify documents based on location” from the Available Actions list box.
2. Click the arrow to move this Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

When a document is opened from the specified folder it is automatically classified as

Internal.

Use the Task Pane to alert when Classification is

changed
This use case illustrates how to display a Task Pane alert when the classification is set by a
Policy.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

NOTE: See policy 4.3 On Classification Change in sample UseCasesGuide.TCF file.

Use Case Guide www.fortra.com page: 91

 Auto and suggested Classification / Use the Task Pane to alert when Classification is changed

EXAMPLE:
When a recipient forwards a message and changes the classification a task pane alert
appears.

Use Case Guide www.fortra.com page: 92

 Insert metadata into emails, documents, and files / Document Server Properties

Insert metadata into emails,

documents, and files
Fortra's Data Classification allows other technology solutions to recognize and protect your
sensitive information using persistent Classification information. Metadata has been
successfully leveraged across the vast technology ecosystem. By applying persistent
metadata to the X-Header of an email message and the Document Properties of a Microsoft
Office document, Fortra's Data Classification can ensure that any downstream security or
data archiving solutions are able to extract and act upon metadata.

Document Server Properties

This use case illustrates how the Administrator can define which Classification metadata is
applied to a document when conflicting information is provided from two sources. This use
case applies a Policy to set the Classification to the highest level defined by SharePoint
Document Server Properties or Fortra's DCS for Office (On-premises) Document Properties.

Ensure you have Term Set Name, Term Name, and Term GUID set in the Managed Metadata
Property of your SharePoint Document Library. These values are used in the Document
Server Name and Document Server parameters of the Set Document Server Property Action.
See Define the Action Parameters on page 96. You set the Terms using the SharePoint
Admin Center. For more information, see https://learn.microsoft.com/en-
us/sharepoint/create-and-manage-terms.

This is created using DCS for Office

NOTE: See policy 5.1 Document Server Properties in sample UseCasesGuide.TCF file.

Create the Policy

1. Select Policies from the side menu bar and click New to create a new Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Set
Document Server Properties”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs when a document is opened” from the Policy Event dropdown list.
This Event triggers the Policy.
6. Click Save and Continue.

Use Case Guide www.fortra.com page: 93

 Insert metadata into emails, documents, and files / Document Server Properties

Create the first rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “SetDocumentProperty”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click Save and Continue.

Create the Conditional Expression

The defined condition must be evaluated as true in order to apply the Actions associated
with the Rule. In this use case, the first rule is only applied when the Document Server
Properties defined in SharePoint are of a higher classification than those defined by
Document Classification.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select
“Document.ServerProperties.SPClassification”.
4. Select the “>” operator from the Operator dropdown list.
5. Enter [Document.Metadata.TITUSClassification]” in the Value text box.
The conditional expression should match the image.
6. Click OK.

Create and configure the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.
2. Enter a name for the Action in the Action Name text box; in this example,
“SetTITUSClassification”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a document is opened” from the Policy Event dropdown list.
This Event triggers the Action.
5. Select “Set Classification” from the Action Type dropdown list.

Define the Action Parameters

Use Case Guide www.fortra.com page: 94

 Insert metadata into emails, documents, and files / Document Server Properties

1. Edit the parameters to match the image to the left.

l Reason – Contains the text that is displayed to explain to the user why the
classification was changed to suggest that the document author review the
update.
l Classification to set –Parameter that allows the Classification to be set to the
level defined in the SPClassification column in SharePoint.
l Suggest - Confirms the Classification with the user.
l Always Show Reason - Shows the new Classification and reason.
l Enable Justification - provides justification for overriding the Action.
2. Save the Action.

Select the Actions When True

1. Select “SetTITUSClassification” from the Available Actions list box.

2. Click the arrow to move it to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Create the second rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “SetDocumentServerProperty”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click Save and Continue .

Create the Conditional Expression

The defined condition must be evaluated as true in order to apply the Actions that have
been associated with the Rule. In this use the second rule is only applied when the
Document Server Properties defined in SharePoint are of a lower classification than those
defined by Document Classification in the document properties.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select
“Document.Metadata.TITUSClassification”.
4. Select the “>” operator from the Operator dropdown list.

Use Case Guide www.fortra.com page: 95

 Insert metadata into emails, documents, and files / Document Server Properties

5. Enter [Document.ServerProperties.SPClassification] in the Value text box.

The conditional expression should match the image.
6. Click OK.

Create and configure the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.
2. Enter a name for the Action in the Action Name text box; in this example,
“SetDocServerProp”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a document is opened” from the Policy Event dropdown list.
This Event triggers the Action.
5. Select “Set Document Server Properties” from the Action Type dropdown list.

Define the Action Parameters

1. Edit the following parameters.

l Server Property Name – Enter the name of the SharePoint column in the Value
text box. This value is taken from the Term Set Value as set in the Managed
Metadata property of your SharePoint Document Library.

Use Case Guide www.fortra.com page: 96

 Insert metadata into emails, documents, and files / Document Server Properties

l Server Property Value – Enter the metadata value that will be assigned to the
document as the Document Server Property. In this case it will be the selected
Classification defined in the Document Properties by Data Classification for
Microsoft Office. This value is taken from the Term Name and Term GUID set in
the Managed Metadata property of your SharePoint Document Library. The
Term GUID links your SharePoint Document Library to the action in DCS.
2. Save the Action.

Select the Actions When True

1. Select “SetDocServerProp” from the Available Actions list box.

2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Create and configure the Second Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.
2. Enter a name for the Action in the Action Name text box; in this example, “Alert_
PropsNotSynchronized”.
3. Enter a description in the Action Description text box. The description provides
further details about when and why the Action should be applied.
4. Select “Occurs when a document is opened” from the Policy Event dropdown list.
This Event triggers the Action.
5. Select “Alert” from the Action Type dropdown list.

This Action is used to display Warning Dialog to the user.

Define the Action Parameters

1. Edit the parameters to match the image.

The parameters are:
l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be warned when they violate the policy.
l Title – This parameter allows the Administrator to create a title for warning
dialog that will appear to users.

Use Case Guide www.fortra.com page: 97

 Insert metadata into emails, documents, and files / Add keywords to Microsoft Office documents

l Detailed Description – Enter the display message text that will be displayed to
the user in the Warning Dialog.
l Expand Detailed Description - Set to Yes if you want the detailed description to
appear by default.
l Enable Justification – Set to False by default. When True, the user is permitted
to provide information about why they are disregarding the policy warning and
still sending the email message.
l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be warned when they violate the policy.
2. Save the Action.

Select the Actions When True

1. Select “Alert_PropsNotSynchronized” from the Available Actions list box.

2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Add keywords to Microsoft Office documents

This use case illustrates how the Administrator can ensure that the document classification
is applied to the document keywords. This information ensures that the classification is
preserved when documents are saved as PDFs.

For example, if a user selects CONFIDENTIAL, this word is stored in the Keywords document
property. Many Adobe PDF conversion tools preserve the Keywords properties, so this is a
way to maintain the Fortra's DCS for Office (On-premises) metadata in addition to the visual
labels when converting to PDF.

If you prefer not to use PDF keywords to maintain PDF metadata, you can use a Custom
Action to save Microsoft Office files as PDFs. See Save Microsoft Office documents as PDF
with classification metadata on page 108. This Custom Action writes metadata as PDF
keywords as well as custom properties.

NOTE: See
policy 5.2 Add Keywords to Office documents in sample
UseCasesGuide.TCF file

This is created using DCS for Office.

Create the Policy

Use Case Guide www.fortra.com page: 98

 Insert metadata into emails, documents, and files / Add keywords to Microsoft Office documents

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Add
Keywords to Office documents”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs before any open document is saved” from the Policy Event dropdown
list. This Event triggers the Policy.
6. Click the Save and Continue button.

Create and Configure the Rule

This Rule does not contain any conditions because we want to add keywords to all
documents.

1. Click the New button in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Add Keywords to Office documents”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click the Save and Continue button.

Create the Action

Use Case Guide www.fortra.com page: 99

 Insert metadata into emails, documents, and files / Add keywords to Microsoft Office documents

1. Click the New button in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Add
Keywords”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs before any open document is saved” from the Policy Event dropdown
list. This Event triggers the Action.
5. Select “Add Keywords” from the Action Type dropdown list.

Define the Action parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit the parameters to match the image to the left.

l Keyword – this parameter accepts plain text or document properties.
l Document Properties must be surrounded by square or double curly braces.
{{Document.Metadata.CLASSIFICATION}}
l Clear existing keywords – select True to clear existing keywords before adding
new keywords.
2. Click the Save button to save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

Use Case Guide www.fortra.com page: 100

 Insert metadata into emails, documents, and files / Set Classification during Patrol Scan

1. Select “AddKeywords” from the Available Actions list box.

2. Click the arrow to move it to the Selected Actions list box.
3. Click the OK button.
4. Save the Rule and Policy.
EXAMPLE:
When a document is saved as a PDF the document classification is saved as PDF
Keywords.

Set Classification during Patrol Scan

This use case sets the Classification of files in the Downloads folder to Restricted when a
Patrol scan is performed.

This is created using Fortra Data Classification for Microsoft Outlook for Desktop

NOTE: See
policy 5.3 Set Classification During Patrol Scan in sample
UseCasesGuide.TCF file.

Configure the Patrol settings

1. Select Application Settings from the side menu bar.

Use Case Guide www.fortra.com page: 101

 Insert metadata into emails, documents, and files / Set Classification during Patrol Scan

2. Find “Patrol Settings” in the Feature Name column and click Edit in the “Desktop”
column.
3. Select the Enable Patrol checkbox to enable Patrol.
4. Select the Enable Quick Scan and Enable Full Scan checkboxes.
5. In the Exclusion Pattern section, click Add.
6. Enter “*.tmp” in the Exclusion Pattern text box to exclude temporary files from the
scan.
7. In the Watched Folders section, click Add.
8. Enter “{Environment.UserProfile}\Downloads” in the Folder Name text box to scan
the downloads folder on each user’s computer.
9. Click Save.

Create the Policy

This Policy applies Classification when files are scanned by Patrol.

1. Select Policies from the side menu bar and click the New button to create a new
Policy.

Use Case Guide www.fortra.com page: 102

 Insert metadata into emails, documents, and files / Set Classification during Patrol Scan

2. Enter a name for the Policy in the PolicyName text box; in this example, “Classify
files in Downloads folder”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs when a file is detected by an automated process” from the Policy
Event dropdown list. This Event triggers the Policy.
6. Click Save and Continue.

Create and configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Classify downloads”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Select the Repeat Rule checkbox.
Rules must be explicitly repeated if they apply to files. In this use case the Rule must
be repeated so that each file is evaluated by the Rule.
6. Select “File” from the dropdown list.
7. Click Save and Continue.

Create the Action

Use Case Guide www.fortra.com page: 103

 Insert metadata into emails, documents, and files / Set Classification during Patrol Scan

This Action applies Classification when the files is scanned by Patrol.

1. Click the New button in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Classify
files in downloads folder”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a file is detected by an automated process” from the Policy
Event dropdown list. This Event triggers the Action.
5. Select “Set Classification” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Set the Classification to set parameter Value to “Classification=Internal”.

2. Save the Action.

Use Case Guide www.fortra.com page: 104

 Insert metadata into emails, documents, and files / Add Box metadata to documents when uploaded to Box

Add Box metadata to documents when uploaded to

Box
This use case illustrates how to add Box metadata to a document during the upload
process. In this example the Box metadata is used to identify corporate ownership of the
document.

This is created using DCS for Office

NOTE: See policy 5.4 Add Box Metadata to Documents in sample UseCasesGuide.TCF
file.

Enable Box integration

1. Select Application Settings from the side menu bar.

2. Find Cloud Services Settings in the “Feature Name” column and click Edit in the
“Global” column.
3. Select the Enable Box integration checkbox.
4. Click the Save button at the bottom of the page.

Enable the Options Ribbon

1. Select Application Settings from the side menu bar.

2. Find Ribbons Settings in the “Feature Name” column and click Edit in the “Global”
column.
3. Select the Enable Options Ribbon Group checkbox.
This option must be enabled in order to display the Upload button in the Ribbon.
4. Click the Save button at the bottom of the page.

Create the Policy

Use Case Guide www.fortra.com page: 105

 Insert metadata into emails, documents, and files / Add Box metadata to documents when uploaded to Box

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Add Box
Metadata to Documents”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs when a document is uploaded to a file storage in the cloud” from the
Policy Event dropdown list. This Event triggers the Policy.
6. Click the Save and Continue button.

Create and Configure the Rule

1. Click the New button in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Add Box Metadata to Documents”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click the Save and Continue button.

Create the Action

1. Enter a name for the Action in the Action Name text box; in this example, “Add Box
Metadata to Documents”.

Use Case Guide www.fortra.com page: 106

 Insert metadata into emails, documents, and files / Add Box metadata to documents when uploaded to Box

2. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
3. Select “Occurs when a document is uploaded to a file storage in the cloud” from the
Policy Event dropdown list. This Event triggers the Action.
4. Select “Add Box metadata” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Set the Metadata to set parameter Value to a Key and Value in the following format:
Key1=Value1
Key2=Value2
In this example we added:
Document Owner=TITUS, Inc.
Classification=[Document.Metadata.Classification]
Keys are used to describe the Box metadata associated with the document such as
Classification or Author.
Values can include:
l Plain text
l Out of the box Document Properties provided by Microsoft Office. Document
Properties must be surrounded by square or double curly braces.
l The Values created for the Schema entered in the following format
[Document.Metadata.<Field>]
2. Click the Save button to save the Action.
EXAMPLE:
A document was uploaded to a folder in Box.
1. Select the Box folder that contains the uploaded document.
2. Select the actual document.
3. In the right-side panel select Info.
4. Scroll to the bottom to view the Custom Metadata.

Use Case Guide www.fortra.com page: 107

 Insert metadata into emails, documents, and files / Save Microsoft Office documents as PDF with classification metadata

Save Microsoft Office documents as PDF with

classification metadata
This use case illustrates how the Administrator can ensure that the document classification
is maintained when Office documents are saved as PDFs. This use case uses a Custom
Action and built into Fortra's DCS for Office (On-premises). It acts as an alternative to Add
keywords to Microsoft Office documents on page 98. The Custom Action applies metadata
as custom properties. This Custom Action is compatible with Microsoft Word, Microsoft
Excel, and Microsoft PowerPoint.

Use Case Guide www.fortra.com page: 108

 Insert metadata into emails, documents, and files / Save Microsoft Office documents as PDF with classification metadata

To use this Action, your organization's license must include the EnableExternalProcessing
custom feature. This license must be uploaded and applied to your configuration. Without
this custom feature, Apply Custom Action does not appear in the list of Actions.

This is created using DCS for Office.

NOTE: The TCOSaveAsPDF Custom Action does not perform any Policy evaluations. If a
document does not have DCS metadata, no metadata is applied to the resulting PDF. If
you only want to save a document as PDF when it meets certain criteria (such as having
DCS metadata applied), you can check these criteria using Rule conditions.

Adjust the Microsoft Office interface

This use case repurposes the Check Policy button to save Office documents as PDFs that
contain classification metadata. The Check Policy button is a configurable button that can
be added to the Titus group of the Microsoft Office ribbon. To instruct users to use this
button rather than the Microsoft Office PDF buttons, you can relabel the button so it is more
descriptive.

1. In your Configuration, from the left-hand menu, select Application Settings.

2. Under the products to which the Policy applies, select the Check Policy Settings Edit
button. In this example, the Word setting is updated.
TIP:You should set these settings at the product level (e.g. for Word, Excel, or
PowerPoint) rather than the Global level. This ensures that the Save as PDF
check policy button does not appear in products that are not compatible with the
Custom Action.

3. Select Enable Check Policy button in Ribbon.

4. Update the Check Policy Button text field, enter Save as PDF.
5. Remove the value for the Check Policy 'All Clear' Text. This disables the pop-up
message in Microsoft Office. Disabling the message is recommended because the
pop-up is not directly connected to the Custom Action.
6. If desired, update the tooltip title and text on this page.
7. Click Save.
To show the Check Policy button in the application, Enable Options Ribbon Group
TIP:
must be set to true in Application Settings > Ribbon Settings.

Use Case Guide www.fortra.com page: 109

 Insert metadata into emails, documents, and files / Save Microsoft Office documents as PDF with classification metadata

Create the Policy

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, Save as PDF
using Check Policy.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. From the Policy Event dropdown list, select the Occurs when user clicks the Check
Policy button on a document Event. This Event triggers the Policy.
6. Click Save and Continue.

Create and configure the Rule

This Rule does not contain any conditions because we want to save documents as PDF if
the user requests it. This means that if the document does not have metadata applied, no
metadata is applied to the resulting PDF. See the note at the beginning of this topic for more
information.

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, Save as PDF.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click Save and Continue.

Use Case Guide www.fortra.com page: 110

 Insert metadata into emails, documents, and files / Save Microsoft Office documents as PDF with classification metadata

Create the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.
2. Enter a name for the Action in the Action Name text box; in this example, Save as
PDF.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select the Occurs when user clicks the Check Policy button on a document Event
from the Policy Event dropdown list. This Event triggers the Action.
5. Select Apply Custom Action from the Action Type dropdown list.

Define the Action Parameters

1. Edit the parameters to match the following:

l Custom Action ID – Used to locate the custom code. Enter "TCOSaveAsPDF"
l Optional Additional Parameters – Enter optional parameters to pass the
custom action.
l Error Dialog Title - Enter the title of the warning dialog. Enter "Custom Action
Alert".
l Error message to display – Enter the error message that will be displayed to the
user. Enter "The custom action has returned an error."
l Failure Behavior – Enter the behavior if the processing fails. Values can be Log
only, Warn, Warn and Prevent.
2. Save the Action.

Select the Actions When True

Use Case Guide www.fortra.com page: 111

 Insert metadata into emails, documents, and files / Save Microsoft Office documents as PDF with classification metadata

1. Select Save as PDF from the Available Actions list box.

2. Click the arrow to move it to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.
EXAMPLE:
In Microsoft Word, PowerPoint, and Excel, the Check Policy button is relabeled to
explain its function. When the button is pressed, the user is prompted to save the PDF
to a location on their computer.

When the PDF is successfully saved, a message appears.

The PDF classification is visible in the Fortra Data Classification for Desktop interface.
NOTE: This example shows the DCS for Desktop flyout menu. These menus are not
enabled by default, but can be enabled in the Desktop add-in settings. See the
Fortra's Data Classification Suite (DCS) Administration Console (On-premises) User
Guide for more information. If you are using Windows 11, Classification options are
located under Show more options.

Use Case Guide www.fortra.com page: 112

 Automated Content Protection (RMS and S/MIME) / Apply RMS Protection to documents

Automated Content Protection

(RMS and S/MIME)
Coupling classification with encryption technology is a powerful mechanism to enforce
document protection. Because RMS is not typically an integral part of the users daily
workflow, it can be difficult to ‘force’ users to RMS-protect documents. Polices can ensure
that RMS templates are applied automatically based on the classification selected for the
content.

Encryption technologies can be triggered based on content, context, and classification.

Apply RMS Protection to documents

This use case illustrates that Fortra's DCS for Office (On-premises) can be used to automate
RMS protection.

RMS must be set up within your organization in order to implement this use case.

This is created using Fortra's DCS for Office (On-premises)

NOTE: See policy 6.1 Apply RMS in sample UseCasesGuide.TCF file

Create the Policy

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Apply RMS”.

Use Case Guide www.fortra.com page: 113

 Automated Content Protection (RMS and S/MIME) / Apply RMS Protection to documents

3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs before any open document is saved” from the Policy Event dropdown
list. This Event triggers the Policy.
6. Click Save and Continue.

Create and configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example “Apply RMS - Restricted”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click Save and Continue.

Create the Conditional Expression

The defined condition must be evaluated as true in order to apply the Action(s) that have
been associated with the Rule. In this use case Actions are only applied if the document is
classified as “Restricted”.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select
“Document.Metadata.CLASSIFICATION”.
4. Select the “=” operator from the Operator dropdown list.
5. Enter “Restricted” in the Value text box.
The conditional expression should match the image.
6. Click OK.

Use Case Guide www.fortra.com page: 114

 Automated Content Protection (RMS and S/MIME) / Apply RMS Protection to documents

Create and configure the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.
2. Enter a name for the Action in the Action Name text box; in this example, “Apply RMS
- Restricted”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs before any open document is saved” from the Policy Event dropdown
list. This is the Event that triggers the Action.
5. Select “Apply RMS Policy” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking Edit .

1. Set the Template Name parameter Value to the name of the RMS Template you want
to apply in the Value text box.
RMS must be set up within your organization in order to implement this Action.
2. Click Save to save the Action.

Use Case Guide www.fortra.com page: 115

 Automated Content Protection (RMS and S/MIME) / Digitally sign (and/or encrypt) emails

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Apply RMS - Restricted” from the Available Actions list box.
2. Click the arrow to move it to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

When a Restricted document is saved RMS protection is automatically applied.

Digitally sign (and/or encrypt) emails

This use case illustrates how to automate digital signatures and encryption when an email
contains an attachment. Before you complete this use case, you must create an Attachment
Policy as described in Check email attachments on page 124

This is created using Fortra Data Classification for Microsoft Outlook for Windows

NOTE: See policy 7.1-6.2-7.2-7.4 Attachment Policy in sample UseCasesGuide.TCF file.

Use Case Guide www.fortra.com page: 116

 Automated Content Protection (RMS and S/MIME) / Digitally sign (and/or encrypt) emails

Create the Attachment Policy. See the use case in Check email attachments on page 124
for instructions.

Add a Rule to the existing Attachment Policy

1. Select Policies from the side menu bar.

2. Select Attachment Policy and click Edit.
3. Click New in the Rules section of the page to create a new Rule for the Attachment
Policy.

1. Enter a name for the Rule; in this example, “Sign and Encrypt emails with
attachments”.
2. Enter a Rule Description to further describe the purpose of the Rule.
3. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
4. Leave Repeat Rule unchecked.
Rules must be explicitly repeated if they apply to recipients or attachments. In this
use case repetition of the Rule is not required.
5. Click Save and Continue.

Use Case Guide www.fortra.com page: 117

 Automated Content Protection (RMS and S/MIME) / Digitally sign (and/or encrypt) emails

Create the Conditional Expression

The defined condition must be evaluated as true in order to apply the Action(s) that have
been associated with the Rule. In this use case Actions are only applied if the email
message contains an attachment.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select “Message.AttachmentCount”.
4. Select the “>” operator from the Operator dropdown list.
5. Enter “0” in the Value text box.
The conditional expression should match the image.
6. Click OK.

Create the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

Use Case Guide www.fortra.com page: 118

 Automated Content Protection (RMS and S/MIME) / Digitally sign (and/or encrypt) emails

2. Enter a name for the Action in the Action Name text box; in this example, “Sign and
Encrypt emails with attachments”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a message is sent” from the Policy Event dropdown list. This
Event that triggers the Action.
5. Select “S/MIME Sign/Encrypt” from the Action Type dropdown list.

This Action Applies S/MIME encryption, digital signatures, or both.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Set the S/MIME option parameter “Sign and Encrypt”.

2. Save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Sign and Encrypt emails with attachments” from the Available Actions list
box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Use Case Guide www.fortra.com page: 119

 Automated Content Protection (RMS and S/MIME) / Apply Custom RMS to documents

EXAMPLE:
When the user sends an email message that contains an attachment, the Policy
automatically triggers the encryption and digital signatures.

Apply Custom RMS to documents

This use case illustrates how to apply a custom RMS template to a document. In this
example, a Custom RMS Template is applied when a document is classified as
Restricted/Finance because some of the documents will be shared with an external
accounting organization.

This is created using Fortra's DCS for Office (On-premises).

NOTE: See
policy 6.3 Apply Custom RMS to Documents in sample
UseCasesGuide.TCF file.

Create the Policy

1. Select Policies from the side menu bar and click New to create a new Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Apply
Custom RMS to Documents”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs before any open document is saved” from the Policy Event dropdown
list. This Event that triggers the Policy.
6. Click Save and Continue.

Use Case Guide www.fortra.com page: 120

 Automated Content Protection (RMS and S/MIME) / Apply Custom RMS to documents

Create and configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Apply Custom RMS to Documents”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click Save and Continue.

Create the Conditional Expression

The defined condition(s) must be evaluated as true to apply the Actions that will be
associated with the Rule.

1. Click Edit in the Condition section of the page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select Document.Metadata.DEPARTMENT.
4. Select the “=” operator from the Operator dropdown list.
5. Enter “Finance” in the Value text box.
6. Click OK.

Use Case Guide www.fortra.com page: 121

 Automated Content Protection (RMS and S/MIME) / Apply Custom RMS to documents

Create and Configure the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Apply
Custom RMS to Documents”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs before any open document is saved” from the Policy Event dropdown
list. This Event that triggers the Action.
5. Select “Apply Custom RMS to Documents” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit the parameters to match the image to the left.

l Users – The user email addresses or the Active Directory Group name that includes
the users permitted to access this document. A list must be separated by
semicolons (;).
l Access Level – select Read to provide read-only access to the document.

Use Case Guide www.fortra.com page: 122

 Automated Content Protection (RMS and S/MIME) / Apply Custom RMS to documents

l Expiry – Use the Calendar Control to select the expiry date; in this example, January
1, 2016.
l Print Content - Set to True to allow users to print document content.
l Access Content Programmatically – Set to True to allow the use of macros, add-ins,
and Data Classification in this document.
l RequestPermission URL- Enter an URL where users can request and be granted
additional permissions.
l Require a connection – Select True to require a connection to verify a user’s
permission.
2. Save the Action.

EXAMPLE:
When the author saves the document classified as Restricted, a custom RMS template
is applied.

Use Case Guide www.fortra.com page: 123

 Attachment checking / Check email attachments

Attachment checking
The policy engine can be used to build advanced policies that take into account content,
recipients, sender, classification, and other attributes when checking attachments.

Check email attachments

This use case illustrates how to enforce a corporate email attachment policy based on
specific attachment properties.

NOTE: See policy 7.1-6.2-7.2-7.4 Attachment Policy in sample UseCasesGuide.TCF file.

Create the Policy

1. Select Policies from the side menu bar and click New to create a new Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Attachment
Policy”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default, Policies are
disabled when they are created.
5. Select “Occurs when a message is sent” from the Policy Event dropdown list. This
Event that triggers the Policy.
6. Click Save and Continue.

Create and configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Attachment size and count”.
3. Enter a Rule Description to further describe the purpose of the Rule.

Use Case Guide www.fortra.com page: 124

 Attachment checking / Check email attachments

4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Select the Repeat Rule checkbox.
Rules must be explicitly repeated if they apply to recipients or attachments. In this
use case the Rule must be repeated so that each attachment in the email message is
evaluated by the Rule.
6. Select “Message.Attachment” from the dropdown list.
7. Click Save and Continue.

Create the Conditional Expression

The defined condition must be evaluated as true in order to apply the Action(s) that have
been associated with the Rule. In this use case Actions are only applied if the email
message contains two or more attachments or if the total size of the attachments exceeds
300 KB.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select “Message.AttachmentTotalSizeKB”.
4. Click the Operator dropdown arrow and select the “>” operator.
5. Enter “300” in the Value text box.

Use Case Guide www.fortra.com page: 125

 Attachment checking / Check email attachments

6. Click the Add Condition ( ) button to add another condition.

NOTE:
Ensure “AND” is selected in the top dropdown list.

7. Click the Properties dropdown arrow and select “Message.AttachmentCount”.

8. Click the Operator dropdown arrow and select the “>” operator.
9. Enter “2” in the Value text box.
10. Click OK.

Set the Behavior Flow

1. In the Actions When True section, Select “Break” from the Behavior Flow dropdown
list.
This prevents multiple messages from appearing on the Client machine if more that
one attachment triggers the Rule.

Create and Configure the Action

1. Click the New button in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Upload to
SharePoint Warning”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a message is sent” from the Policy Event dropdown list. This is
the Event that triggers the Action.
5. Select “Alert” from the Action Type dropdown list.

Define the Action Parameters

Use Case Guide www.fortra.com page: 126

 Attachment checking / Check email attachments

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit the parameters to match the image to the left.

l Title – This is the title text for the Policy Warning Dialog.
l Detailed Description – This is the message that describes the details of the
policy violation to users in the Policy Warning Dialog.
l Expand Detailed Description - Set to Yes to allow the detailed description to
appear by default.
l Enable Justification – Set to False by default. When True the user is permitted
to provide information about why they are disregarding the policy warning and
still sending the email message.
l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be warned when they violate the policy.
2. Save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Upload to SharePoint Warning” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Use Case Guide www.fortra.com page: 127

 Attachment checking / Attachment checking with Upgrade Message remediation option

EXAMPLE:
A user has sent an email message that contains more than two attachments and the
total size of the attachments exceeds 300 KB. The Warning Dialog appears instructing
the user to upload the attachments to SharePoint.
NOTE: The description text for this warning will be duplicated for each attachment
included in the email. To prevent duplicate descriptions, see Use a Dynamic
Property to assign a value on page 38 for more information.

Attachment checking with Upgrade Message

remediation option
This use case illustrates how to perform attachment checking to ensure that an email is
classified at the same level as its highest classified attachment. This use case also
illustrates how to include an Upgrade Message button that will automatically apply the
required classification to the message.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

Use Case Guide www.fortra.com page: 128

 Attachment checking / Attachment checking with Upgrade Message remediation option

NOTE: See policy 7.1-6.2-7.2-7.4 Attachment Policy in sample UseCasesGuide.TCF file.

This Policy is triggered by the Occurs when a message is sent event.

Create the Attachment Policy. See Check email attachments on page 124 for instructions.

1. Select Policies from the side menu bar.

2. Select Attachment Policy and click the Edit button.
3. Enter a name for the Rule; in this example, “DefineDynamicProperty”.
5. Enter a Rule Description to further describe the Rule.
6. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
7. Leave Repeat Rule unchecked.
8. Click Save and Continue.

Create the MaxAttachmentClassification Dynamic Property

1. Click the New button in the Dynamic Properties section of the Add/Edit Rule page to
create a new Dynamic Property.
2. Enter the Dynamic Property Name; in this example, “MaxAttachmentClassification”.
3. Enter the Dynamic Property Description.
4. Select “Assign” from the Function dropdown list.

Use Case Guide www.fortra.com page: 129

 Attachment checking / Attachment checking with Upgrade Message remediation option

Define the Parameters for the Assign Dynamic Function

1. Select the Value parameter and click the Edit button.

2. Enter “[Message.Metadata.CLASSIFICATION]” in the Value text box.

3. Save the Dynamic Property.

Create and configure the second rule

The second Rule is a child of DefineDynamicProperty. To create a child, click on the Rule
that will become the parent and click the New button below the list of Rules in a Policy.

1. Click the parent rule, DefineDynamicProperty, in the list of Rules, and then click the
New button to create a new child rule.

2. Enter a name for the Rule; in this example, “GetHighestClassifiedAttachment".

3. Enter a Rule Description to describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule.
5. Select the Repeat Rule checkbox. This Rule must be repeated so that each
attachment is evaluated by the Rule.
6. Select “Message.Attachment” from the dropdown list.

Use Case Guide www.fortra.com page: 130

 Attachment checking / Attachment checking with Upgrade Message remediation option

7. Click Save and Continue.

This Rule iterates through the message attachments searching for scenarios where an
attachment is classified at a higher level than the message.

Create the Conditional Expression for the second rule

1. Click the Edit button in the Condition section of the Add/Edit Rule page.
2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select
“Message.Attachment.Metadata.CLASSIFICATION”.
4. Click the Operator dropdown arrow and select the “>” operator.
5. Enter “[Message.Metadata.CLASSIFICATION]” in the Value text box.

When this condition is evaluated as true the Display Bad Attachments Action is applied.

Create the Classification Alert Action

Use Case Guide www.fortra.com page: 131

 Attachment checking / Attachment checking with Upgrade Message remediation option

The Action is used to warn users and optionally allows blocking of emails with attachments
that violate a Policy. The Warning Dialog that appears when this Action is triggered allows
users to upgrade the Classification of the email message.

1. Click the New button in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Display
Bad Attachments”.
3. Enter a description of the Action in the Action Description text box.
4. Select “Occurs when a message is sent” from the Policy Event dropdown list.
5. Select “Classification Alert” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit the parameters to match the image to the left.

l Title – The Title appears as the title text for the Policy Warning Dialog.
l Detailed Description – This is the message that describes the details of the
policy violation to users in the Policy Warning Dialog.
l Enable Justification – Set to False by default. When True the user is permitted
to provide information about why they are disregarding the policy warning and
still sending the email message.
l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be warned when they violate the policy.
2. Save the Action.

Use Case Guide www.fortra.com page: 132

 Attachment checking / Attachment checking with Upgrade Message remediation option

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Upgrade Message Classification” and “Display Bad Attachments” from the
Available Actions list box.
2. Click the arrow to move it to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Create and configure the third rule

The third rule is a child rule of GetHighestClassifiedAttachment.

1. Click the parent rule, GetHighestClassifiedAttachment, in the list of Rules, and then
click the New button to create a new child rule.

Use Case Guide www.fortra.com page: 133

 Attachment checking / Attachment checking with Upgrade Message remediation option

2. Enter a name for the Rule; in this example, “SetMaxAttachmentDynamicProperty".

3. Enter a Rule Description to describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule.
5. Leave Repeat Rule unchecked.
6. Click the Save and Continue button.

Create the Conditional Expression for the third rule

1. Click the Edit button in the Condition section of the page.

2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select
“Message.Attachment.Metadata.CLASSIFICATION”.
4. Click the Operator dropdown arrow and select the “>” operator.
5. Enter “[MaxAttachmentClassification]” in the Value text box.

Use Case Guide www.fortra.com page: 134

 Attachment checking / Attachment checking with Upgrade Message remediation option

Create the Property Assignment

Property Assignment allows the Administrator to input values to the following Dynamic
Properties once they are defined in a Rule.

1. Enter the following text to assign a value to the property:

[MaxAttachmentClassification] = [Message.Attachment.Metadata.CLASSIFICATION]

Create and configure the fourth rule

This Rule searches for instances where the highest classified document is greater than the
classification of the document. The Upgrade Message Classification Action is applied if this
condition is evaluated as true.

The Upgrade Message button applies the required classification to the message so that is
as high as the highest classified attachment included in the message.

Use Case Guide www.fortra.com page: 135

 Attachment checking / Attachment checking with Upgrade Message remediation option

1. Enter a name for the Rule; in this example, “EnableUpgradeMessage".

2. Enter a Rule Description to describe the purpose of the Rule.
3. Select the Rule Active checkbox to enable the Rule.
4. Leave Repeat Rule unchecked.
5. Click Save and Continue.

Create the Conditional Expression for the Rule

1. Click the Edit button in the Condition section of the page.

2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select “MaxAttachmentClassification”.
4. Click the Operator dropdown arrow and select the “>” operator.
5. Enter “[Message.Metadata.CLASSIFICATION]” in the Value text box.

Use Case Guide www.fortra.com page: 136

 Attachment checking / Attachment checking with Upgrade Message remediation option

Create the Upgrade Message Classification Action

The Action is used to warn users and optionally allows blocking of emails with attachments
that violate a Policy. The Warning Dialog that appears when this Action is triggered allows
users to upgrade the Classification of the email message.

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

Create the Upgrade Message Classification Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.
2. Enter a name for the Action in the Action Name text box; in this example, “Upgrade
Message Classification”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a message is sent” from the Policy Event dropdown list. This is
the Event that triggers the Action.

Use Case Guide www.fortra.com page: 137

 Attachment checking / Attachment checking with Upgrade Message remediation option

5. Select “Set Message Classification” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit the parameters to match the image to the left.

l Reason – This is the text that is displayed to explain to the user why the
classification was changed.
l Classification to set – This includes the Field Name and the Value, i.e., “Field
Name = Value” to which the classification is set when this Action is applied. In
this example, the Value of the Dynamic Property is used to set the
Classification.
Note: The Dynamic Property is created later in this procedure.
l Suggest – Set to True the enable the user to confirm or reject the classification
suggested by the policy.
l Alert on Failed – The alert displayed in the event the Metadata Schema Rules
conflict with the classification to set.
l Enable Justification – Set to False by default. When True the user is permitted
to provide information about why they are disregarding the policy warning and
still sending the email message.
l Action on Fail – Set to Warn the user when they violate the policy.
2. Save the Action.

Select the Actions When True

Use Case Guide www.fortra.com page: 138

 Attachment checking / Check email attachments for keywords

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Upgrade Message Classification” and “Display Bad Attachments” from the
Available Actions list box.
2. Click the arrow to move it to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

EXAMPLE:
A user is able to click the Upgrade Message button to classify the message at the same
level as the highest classified attachment.
The email was classified as Public and the attachments were classified as Internal.

Check email attachments for keywords

This use case illustrates that documents attached to email messages can be scanned for
prohibited keywords.

This is created using DCS for Outlook.

Use Case Guide www.fortra.com page: 139

 Attachment checking / Check email attachments for keywords

NOTE: See
policy 7.3 Keyword Attachment Validation in sample
UseCasesGuide.TCF file.

See the Fortra's Data Classification Suite (DCS) Administration Console (On-premises) User
Guide for more information on content validation.

Create a Content Validation Profile

1. Select Content Validation Profile from the side menu bar.

2. Click New.

3. Enter a name for the Content Validation Profile in the Profile Name text box; in this
example, “Attachment Keywords”.
The Profile name is required when creating a Dynamic Property to run the Profile as
part of a Policy. The name identified here must be exactly the same as the name
used in the Dynamic Property.
4. Select “Match Any” from the Match Mode dropdown list. This activates the profile if
the criteria meets any combination of the defined rules.
5. Enter the Violation Text string; in this example, “prohibited keyword detected”. The
phrase contained in this field can be used as text of a user alert without showing the
exact values found.
6. Click Save and Continue.

Define the matches for the Content Validation Profile

Use Case Guide www.fortra.com page: 140

 Attachment checking / Check email attachments for keywords

1. Click New in the Matches section.

2. Select “Text” from the Match Type dropdown list.
3. Enter a word or string in the MatchPattern text box.
NOTE: If
you want to search for more than a single word or string, you must create a new
text match for each additional word or string.

4. Enter the replacement text in the Replacement text box.

5. Click Save.
6. Repeat for any additional words or strings to be matched.

Create a Policy

The Policy will execute the “Attachment Keywords” Content Validation Profile.

1. Select Policies from the side menu bar and click New to create a new Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Keyword
Attachment Validation”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
5. Select “Occurs when message is sent” from the Policy Event dropdown list. This is
the Event that triggers the Policy.
6. Click Save and Continue.

Use Case Guide www.fortra.com page: 141

 Attachment checking / Check email attachments for keywords

Create a Condition for the Policy

This condition will prevent the Rules in the Policy from executing when there are no
attachments included in the email message.

1. Click Edit in the Condition section of the Add/Edit Policy page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select “Message.AttachmentCount”.
4. Select the “>” operator from the Operator dropdown list.
5. Enter “0” in the Value text box.
6. Click OK.

Create and configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Check Attachments for Keywords”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Select the Repeat Rule checkbox.
Rules must be explicitly repeated if they apply to recipients or attachments. In this
use case the Rule must be repeated so that each attachment in the email message is
evaluated by the Rule.
6. Select “Message.Attachment” from the dropdown list.
7. Click Save and Continue.

Use Case Guide www.fortra.com page: 142

 Attachment checking / Check email attachments for keywords

Create the AttachBody Dynamic Property

This Dynamic Property is used to review each email attachment and validate its contents.

1. Click New in the Dynamic Properties section of the Add/Edit Rule page to create a
new Dynamic Property.
2. Enter the Dynamic Property Name; in this example, “AttachBody”. This name will
appear in the Condition Editor dropdown list.
3. Enter the Dynamic Property Description.
4. Select “GetTextFromFile” from the Function dropdown list.

Define the Parameters for the GetTextFromFile Dynamic Function

1. Select the FilePath parameter and click the Edit button.

2. Enter “[Message.Attachment.Path]” in the Value text box.
This path provides the file location of the attachment.
3. Save the Dynamic Property.

Create the Conditional Expression

This Condition ensures that the document contains text that can be used to evaluate the
Rule.

1. Click the Edit button in the Condition section of the Add/Edit Policy page.
2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select “AttachBody”.
4. Select the “!=” operator from the Operator dropdown list.
5. Leave the Value text box blank.

Use Case Guide www.fortra.com page: 143

 Attachment checking / Check email attachments for keywords

6. Click OK.

Create the Second Rule

This second Rule is a child of the Check Attachments for Keywords Rule.

1. To create a child Rule, click on the parent rule Check Attachments for Keywords in
the list of Rules, and then click New to create a new child rule.

2. Enter a name for the Rule; in this example, “Check Attachment Body".
3. Enter a Rule Description to describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule.
5. Leave Repeat Rule unchecked.
6. Click Save and Continue.

Use Case Guide www.fortra.com page: 144

 Attachment checking / Check email attachments for keywords

Create the RunCV Dynamic Property

This Dynamic Property is used to run Content Validation Profile and use the results.

1. Click Newin the Dynamic Properties section of the Add/Edit Rule page to create a
new Dynamic Property.
2. Enter the Dynamic Property Name; in this example, “RunCV”. This name will appear in
the Condition Editor dropdown list.
3. Enter the Dynamic Property Description.
4. Select “RunContentValidation” from the Function dropdown list.

Define the Parameters for the AttachBody Dynamic Function

Dynamic function parameters are configured by selecting the parameter and clicking the
Edit button.

1. Edit the parameters to match the image to the left.

Content Validation Profile Name - Enter the name of the Content Validation Profile
you want to run.
The Run CV Dynamic Property is required in order to run the Attachment Keywords
Content Validation Profile and use the results.
Source – In this example, “[AttachBody]”.
2. Save the Dynamic Property.

Use Case Guide www.fortra.com page: 145

 Attachment checking / Check email attachments for keywords

Create the Conditional Expression

This Condition ensures that there are matches in order to apply the Action.

1. Click Edit in the Condition section of the page.

2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select “RunCV.Matches”.
4. Select the “!=” operator from the Operator dropdown list.
5. Leave the Value text box blank.
6. Click OK .

Create the Action

This Action displays the Warning.

1. Click Newin the Actions When True section.

The Add/Edit Action page appears.

Use Case Guide www.fortra.com page: 146

 Attachment checking / Check email attachments for keywords

2. Enter a name for the Action in the Action Name text box; in this example, “Keyword
Alert”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a message is sent” from the Policy Event dropdown list. This is
the Event that triggers the Action.
5. Select “Alert” from the Action Type dropdown list.

Define the Action Parameters

1. Edit the parameters to match the image to the left.

l Title – The Title appears as the title text for the Policy Warning Dialog.
l Detailed Description – This is the message that describes the details of the
policy violation to users in the Policy Warning Dialog.
l Expand Detailed Description - Set to No by default. If set to Yes, the detailed
description appears in full.
l Enable Justification – Set to False by default. When True the user is permitted
to provide information about why they are disregarding the policy warning and
still sending the email message.
l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be warned when they violate the policy.
2. Save the Action.

Use Case Guide www.fortra.com page: 147

 Attachment checking / Prevent attachments without Classification from being sent

Select the Actions When True

1. Select “Keyword Alert” from the Available Actions list box.

2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

EXAMPLE:
Prohibited keywords detected in attached documents cannot be redacted using the
Policy Alert dialog. The user must open the attached document and redact or remove
the contents before reattaching it to the email message.

Prevent attachments without Classification from

being sent
This use case illustrates how to prevent users from sending email messages that contain
unclassified attachments.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

Use Case Guide www.fortra.com page: 148

 Attachment checking / Prevent attachments without Classification from being sent

NOTE: See policy 7.1-6.2-7.2-7.4 Attachment Policy in sample UseCasesGuide.TCF file.

Add a Rule to the existing Attachment Policy

1. Select Policies from the side menu bar.

2. Select Attachment Policy and click Edit.
3. Click New in the Rules section of the page to create a new Rule for the Attachment
Policy.

Use Case Guide www.fortra.com page: 149

 Attachment checking / Prevent attachments without Classification from being sent

4. Enter a name for the Rule; in this example, “Prevent Unclassified Attachments”.
5. Enter a Rule Description to further describe the Rule.
6. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
7. Select the Repeat Rule checkbox.
Rules must be explicitly repeated if they apply to recipients or attachments. In this
use case the Rule is repeated so that each attachment in the email is evaluated by
the rule.
8. Select “Message.Attachment” from the drop down list.
9. Click Save and Continue.

Create the Conditional Expression

The defined condition must be evaluated as true in order to apply the Actions that have
been associated with the Rule. In this use case Actions are only applied if the email
message contains one or more attachments that do not contain metadata.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select
“Message.Attachment.HasMetadata”.
4. Select the “=” operator from the Operator dropdown list.
5. Enter “False” in the Value text box.
6. Click OK.

Use Case Guide www.fortra.com page: 150

 Attachment checking / Prevent attachments without Classification from being sent

Create and configure the Action

This Action provides a warning and optionally allows blocking of emails with attachments
that violate policy.

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Block
Unclassified Attachments”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a message is sent” from the Policy Event dropdown list. This is
the Event that triggers the Action.
5. Select “Alert” from the Action Type dropdown list.

Use Case Guide www.fortra.com page: 151

 Attachment checking / Prevent attachments without Classification from being sent

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit the parameters to match the image to the left.

l Title – The Title appears as the title text for the Policy Warning Dialog.
l Detailed Description – This is the message that describes the details of the
policy violation to users in the Policy Warning Dialog.
l Expand Detailed Description - Set to Yes if you want the detailed description to
appear by default.
l Enable Justification – Set to False by default. When True the user is permitted
to provide information about why they are disregarding the policy warning and
still sending the email message.
l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be prevented from sending the message when they violate the policy.
2. Save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Block Unclassified Attachments” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Use Case Guide www.fortra.com page: 152

 Attachment checking / Exclude images in email signatures from attachment checking

1. . Select the = operator and select false.

EXAMPLE:
A user has attached a document that has not been classified by Fortra Data
Classification for Microsoft Office. A Policy Warning has appeared instructing the
sender to classify the attachment before sending it as an email attachment.
The only option available to the sender is to return to the message. This message
cannot be sent until the attachment is removed or classified because the Alert Action
was set to Prevent.

Exclude images in email signatures from attachment

checking
This use case illustrates how to exclude images in email signatures from attachment
checking. Doing so prevents an Alert each time an end user attempts to send an email.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

Create the Policy

Use Case Guide www.fortra.com page: 153

 Attachment checking / Exclude images in email signatures from attachment checking

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Check for
Unclassified Attachments”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
5. Select “Occurs when message is sent” from the Policy Event dropdown list. This is
the Event that triggers the Policy.
6. Click the Save and Continue button.

Create and Configure the First Rule

1. Click the New button in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Check for Unclassified Attachments”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Select the Repeat Rule checkbox.
Rules must be explicitly repeated if they apply to recipients or attachments. In this
use case the Rule must be repeated so that each attachment in the email message is
evaluated by the Rule.
6. Select “Message.Attachment” from the dropdown list.
7. Click the Save and Continue button.

Create the Conditional Expression for the First Rule

The defined condition must be evaluated as true in order to apply the Actions that have
been associated with the Rule. In this use case Actions are only applied if the email
message contains one or more attachment that does not contain any metadata.

Use Case Guide www.fortra.com page: 154

 Attachment checking / Exclude images in email signatures from attachment checking

1. Click the Edit button in the Condition section of the Add/Edit Rule page.
2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select
“Message.Attachment.HasMetadata”.
4. Select the “=” operator from the Operator dropdown list.
5. Enter “False” in the Value text box.
6. Click the OK button.

Create and Configure the Second Rule

The second Rule is the child of the first Rule.

1. Click the parent rule, Check for Unclassified Attachments, in the list of Rules, and
then click the New button to create a new child rule.
2. Enter a name for the Rule; in this example, “Check for Images in Email Signature”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule.
5. Select the Repeat Rule checkbox. This Rule must be repeated so that each
attachment in the email message is evaluated by the Rule.
6. Select “Message.Attachment” from the dropdown list.
7. Click the Save and Continue button.

Create the Conditional Expression for the First Rule

Use Case Guide www.fortra.com page: 155

 Attachment checking / Exclude images in email signatures from attachment checking

The defined condition must be evaluated as true in order to apply the Action(s) that have
been associated with the Rule. In this use case Actions are only applied if the attachment
path is not blank.

1. Click the Edit button in the Condition section of the Add/Edit Rule page.
2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select “Message.Attachment.Path”.
4. Select the “!=” operator from the Operator dropdown list.
5. Leave the Value text box blank.
6. Click the OK button.

Create and Configure the Action

This Action provides a warning and optionally allows blocking of emails with attachments
that violate policy.

1. Click the New button in the Actions When True section.

The Add/Edit Action page appears.

Use Case Guide www.fortra.com page: 156

 Attachment checking / Exclude images in email signatures from attachment checking

2. Enter a name for the Action in the Action Name text box; in this example, “Block
Unclassified Attachments”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a message is sent” from the Policy Event dropdown list. This is
the Event that triggers the Action.
5. Select “Alert” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit the parameters to match the image to the left.

l Title – The Title appears as the title text for the Policy Warning Dialog.
l Detailed Description – This is the message that describes the details of the
policy violation to users in the Policy Warning Dialog.
l Expand Detailed Description - Set to Yes to allow the detailed description to
appear by default.
l Enable Justification – Set to False by default. When True the user is permitted
to provide information about why they are disregarding the policy warning and
still sending the email message.
l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be prevented from sending the message when they violate the policy.
2. Save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

Use Case Guide www.fortra.com page: 157

 Attachment checking / Apply Classifications to unclassified attachments

1. Select “Block Unclassified Attachments” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

EXAMPLE:
A user has attached a document that has not been classified by Fortra Data
Classification for Microsoft Office.
A Policy Warning has appeared instructing the sender to classify the attachment before
sending it as an email attachment.
The only option available to the sender is to return to the message. This message
cannot be sent until the attachment is removed or classified because the Alert Action
was set to Prevent.Once the attachment is classified the email message can be sent.
The image in the email signature will not generate an Alert.

Apply Classifications to unclassified attachments

This use case illustrates how to classify any unclassified attachments that are sent to a
specific domain.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

Use Case Guide www.fortra.com page: 158

 Attachment checking / Apply Classifications to unclassified attachments

Add a subrule to the existing Classification Policy Rule

1. Select Policies from the side menu bar.

2. Select the Classify email sent to the domain Policy and click Edit. See Assign a
Classification to an email message on page 83.
3. Select the Check Recipient Domain Rule then click the New button in the Rules
section of the page to create a new subrule for the Policy.

4. Enter a name for the Rule; in this example, “Classify Unclassified Attachments”.
5. Enter a Rule Description to further describe the Rule.
6. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
7. Select the Repeat Rule checkbox.
Rules must be explicitly repeated if they apply to recipients or attachments. In this
use case the Rule is repeated so that each attachment in the email is evaluated by
the rule.
8. Select Message.Attachment from the drop down list.
9. Click Save and Continue.

Create the Conditional Expression

Use Case Guide www.fortra.com page: 159

 Attachment checking / Apply Classifications to unclassified attachments

The defined condition must be evaluated as true in order to apply the Actions that have
been associated with the Rule. In this use case Actions are only applied if the email
message contains one or more attachments that do not contain metadata.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click the Add Condition ( ) button.
3. Click the Properties dropdown arrow and select
“Message.Attachment.HasMetadata”.
4. Select the “=” operator from the Operator dropdown list.
5. Enter “false” in the Value text box.
6. Click OK.

Create and configure the Action

This Action classifies all unclassified attachments to a message.

1. Click the New button in the Actions When True section.

The Add/Edit Action page appears.

Use Case Guide www.fortra.com page: 160

 Attachment checking / Apply Classifications to unclassified attachments

2. Enter a name for the Action in the Action Name text box; in this example, Classify
Unclassified Attachments.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select Occurs when a message is sent from the Policy Event dropdown list. This is
the Event that triggers the Action.
5. Select Set Attachment Classifications from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit the parameters to match the image to the left.

Classification to Set – Field Name and the Value (“Field Name = Value”) to which the
classification will be set when this Action is applied.
2. Save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select Classify Unclassified Attachments from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.
EXAMPLE:
A user has attached a PDF that has not been classified by Fortra's DCS for Desktop (On-
premises), and a Word document that has been classified as Confidential by Fortra's

Use Case Guide www.fortra.com page: 161

 Attachment checking / Apply Classification to an attachment manually

DCS for Office (On-premises). Since the recipient belongs to the fortra.com domain, the
email is reclassified as DCS Internal and all unclassified attachments are classified as
DCS Internal when the email is sent. When a Set Attachment Classifications Action is
triggered, a temporary copy of the attachment is stored and classified. When the
temporary copy is classified, the original attachment is deleted from the message and
the classified copy is attached. The original source file is not classified or reclassified.
The attachment order is not preserved.

Apply Classification to an attachment manually

This use case illustrates the process of applying a classification to an attachment using the
attachment context menu. This process lets you classify an attachment without removing it
from the email.

Using right-click attachment classification, you can apply a classification to most file types
that can be written to using an Adapter.

This is created using DCS for Office

This feature does not support file types that are read or written to using the ADS Metadata
Adapter. Classification information can be read and applied but is not sent in the email. The
ADS Metadata Adapter is used when no other Adapters can classify the file type. For more
information, see the Fortra's Data Classification Suite (DCS) Administration Console (On-
premises)User Guide.

NOTE:
l This feature is only available in Microsoft Outlook 2016 or higher.
l This feature cannot be disabled, but can be overridden by applying Attachment
Classifications using a Policy. See Apply Classifications to unclassified
attachments on page 158 for an example use case.

Apply a Classification to an attachment

1. In the Message window of an HTML- or Plain Text formatted email, right-click the
attachment you want to classify.
2. Select Select from the context menu.

Use Case Guide www.fortra.com page: 162

 Attachment checking / Apply Classification to an attachment manually

NOTE: The label that appears in the context menu is controlled by the Outlook Ribbon
Settings. For more information, see Fortra's Data Classification Suite (DCS)
Administration Console (On-premises) User Guide.

3. The Classification Selector Dialog appears. The name of the attachment you are
classifying appears in the title bar.
4. Select a classification for the attachment. If the attachment is already classified, the
classification is preselected.
If the attachment cannot be read, the current classification of the attachment is not
displayed properly. This may occur if the attachment is password-protected, RMS-
protected, or otherwise encrypted.
5. Click OK.

A temporary copy of the attachment is stored and classified. When the temporary copy is
classified, the original attachment is deleted from the message and the classified copy is
attached. The original source file is not classified or reclassified. The attachment order is
not preserved.

NOTE: If the attachment cannot be classified, the user is not notified. The failure event is
written to the Windows event log and audit log.

Use Case Guide www.fortra.com page: 163

 Attachment checking / Apply Classification to an attachment manually

Use Case Guide www.fortra.com page: 164

 Safe Recipients checking / Perform safe recipients checking based on email properties and metadata

Safe Recipients checking

The policy engine can take into account recipients, sender, content, classification and other
attributes when making policy decisions. Policies do not need to be tied to classification.

Perform safe recipients checking based on email

properties and metadata
This use case illustrates how to use email properties and metadata to define Safe
Recipients Rules for your organization.

This is created using DCS for Outlook

NOTE: See
policy 8.1-8.2-8.3 Safe Recipients Checking in sample
UseCasesGuide.TCF file.

Create a Policy for Recipient Rules

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Recipient
Policy”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.

Use Case Guide www.fortra.com page: 165

 Safe Recipients checking / Perform safe recipients checking based on email properties and metadata

5. Select “Occurs when message is sent” from the Policy Event dropdown list. This is
the Event that triggers the Policy.
6. Click Save and Continue.

Configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Safe Recipients for Internal emails”.
3. Enter a Rule Description to further describe the Rule.
4. Select the Rule Active checkbox to enable the Rule.
5. Select the Repeat Rule checkbox.
Rules must be explicitly repeated if they apply to recipients or attachments. In this
case the Rule must be repeated so that each recipient is evaluated by the Rule.
6. Select “Message.Recipient” from the dropdown list.
7. Click Save and Continue.

Create the Conditional Expression

This conditional expression is configured to detect messages that contain a recipient email
address that is not part of the titus.com email domain AND is classified as “Internal”.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select “Message.Recipient.Domain”.
4. Click the Operator dropdown arrow and select the “!=” operator.
5. Enter “titus.com” in the Value text box.

Use Case Guide www.fortra.com page: 166

 Safe Recipients checking / Perform safe recipients checking based on email properties and metadata

6. Click Add Condition ( ).

NOTE: Ensure “AND” is selected in the top dropdown list.

7. Click the Properties dropdown arrow and select

“Message.OriginalMetadata.CLASSIFICATION”.
8. Click the Operator dropdown arrow and select the “=” operator.
9. Enter “INTERNAL” in the Value text box.
10. Click OK.

Create and configure the Action

This Action displays a Warning Dialog that warns or blocks messages that contain a
recipient who is not permitted to receive an email message.

This Warning Dialog includes a button that allows users to remove recipients from the
message.

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

Use Case Guide www.fortra.com page: 167

 Safe Recipients checking / Perform safe recipients checking based on email properties and metadata

2. Enter a name for the Action in the Action Name text box; in this example, “Safe
Recipients for Internal emails”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a message is sent” from the Policy Event dropdown list. This is
the Event that triggers the Action.
5. Select “Recipient Alert” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit the parameters to match the image to the left.

l Title – The Title appears as the title text for the Policy Warning Dialog.
l Detailed Description – This is the message that describes the details of the
policy violation to users in the Policy Warning Dialog.
l Expand Detailed Description - Set to Yes if you want the detailed description to
appear by default.
l Enable Justification – Set to False by default. When True the user is permitted
to provide information about why they are disregarding the policy warning and
still sending the email message.
l Force Remediate Recipients - Allow users to select blocked recipients to
bypass the Policy violation. The Severity must be set to Warn to use this
parameter.
l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be prevented from sending the message when they violate the policy.
2. Save the Action.

Select the Actions When True

Use Case Guide www.fortra.com page: 168

 Safe Recipients checking / Perform safe recipients based on an Active Directory attribute

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Safe Recipients for Internal Emails” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

EXAMPLE:
A user has attempted to send an email message classified as Internal to a recipient
who does not have a the “@titus.com” domain name.
A Policy Alert appears to inform the user about the Policy violation and to provide
remediation options.

Perform safe recipients based on an Active Directory

attribute
This use case illustrates how to create a Policy that uses Active Directory attributes to
restrict users from receiving email messages.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

Use Case Guide www.fortra.com page: 169

 Safe Recipients checking / Perform safe recipients based on an Active Directory attribute

NOTE: See
policy 8.1-8.2-8.3 Safe Recipients Checking in sample
UseCasesGuide.TCF file.

Add a Rule to the Recipient Policy

1. Select Policies from the side menu bar.

2. Select Recipient Policy and click the Edit button.
3. Click New to add a new Rule to the Recipient Policy.
4. Enter a name for the Rule; in this example, “Check Restricted Recipients using AD”.
5. Enter a Rule Description to further describe the purpose of the Rule.
6. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
7. Select the Repeat Rule checkbox.
Rules must be explicitly repeated if they apply to recipients or attachments. In this
use case the Rule must be repeated so that each recipient in the email message is
evaluated by the Rule.
8. Select “Message.Recipient” from the dropdown list.
9. Click Save and Continue.

Create a Dynamic Property

Use Case Guide www.fortra.com page: 170

 Safe Recipients checking / Perform safe recipients based on an Active Directory attribute

1. Click New in the Dynamic Properties section of the Add/Edit Rule page to create a
new Dynamic Property.
2. Enter the Dynamic Property Name; in this example, “Clearance”. This name will
appear in the Condition Editor dropdown list.
3. Enter the Dynamic Property Description.
4. Select “GetAttribute” from the Function dropdown list.

The Get Attribute function prompts Fortra Data Classification for Microsoft Outlook to run
an Active Directory query based on the AD Attribute name provided by the Administrator.

This function retrieves the specified Active Directory attribute. This attribute can then be
used in a conditional expression.

Define the Parameters for the GetAttribute Dynamic Function

Dynamic function parameters are configured by selecting the parameter and clicking the
Edit button.

1. Edit the parameters to match the image to the left.

l AccountName – Use the email recipient’s email address to call Active
Directory.
l AttributeName – Use “extensionAttribute2” to retrieve the Clearance level
assigned to the email recipient.
2. Save the Dynamic Property.

Configure a Condition

The condition for this Rule searches for scenarios when the message is classified as
RESTRICTED and the recipient does not have RESTRICTED clearance.

1. Click Edit in the Condition section of the page.

Use Case Guide www.fortra.com page: 171

 Safe Recipients checking / Perform safe recipients based on an Active Directory attribute

2. Click Add Condition ( ).

3. Click the Properties dropdown arrow and select
“Message.Metadata.CLASSIFICATION”.
4. Select the “=” operator from the Operator dropdown list.
5. Enter “RESTRICTED” in the Value text box.
6. Click the Add Condition ( ) button.
NOTE: Ensure “AND” is selected in the top dropdown list.

7. Click the Properties dropdown arrow and select “Clearance”.

8. Select the “!=” operator from the Operator dropdown list.
9. Enter “RESTRICTED” in the Value text box.
10. Click OK.

Create and configure the Action

This Action displays a Warning Dialog that warns or blocks messages that contain a
recipient that is not permitted to receive an email message.

This Warning Dialog includes a button that allows users to remove recipients from the
message.

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Restricted
Recipients Warning”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.

Use Case Guide www.fortra.com page: 172

 Safe Recipients checking / Perform safe recipients based on an Active Directory attribute

4. Select “Occurs when a message is sent” from the Policy Event dropdown list. This is
the Event that triggers the Action.
5. Select “Recipient Alert” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit the parameters to match the image to the left.

l Title – The Title appears as the title text for the Policy Warning Dialog.
l Detailed Description – This is the message that describes the details of the
policy violation to users in the Policy Warning Dialog.
l Expand Detailed Description - Set to Yes if you want the detailed description to
appear by default.
l Enable Justification – Set to False by default. When True the user is permitted
to provide information about why they are disregarding the policy warning and
still sending the email message.
l Force Remediate Recipients - Allows the user to select blocked recipients to
bypass the Policy violation. Ensure the Severity is set to Warn for this
parameter to work.
l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be prevented from sending the message when they violate the policy.
2. Save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

Use Case Guide www.fortra.com page: 173

 Safe Recipients checking / Perform safe recipients checking based on Active Directory group membership

1. Select “Restricted Recipients Warning” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

EXAMPLE:
A user has attempted to send an email message to a recipient who does not have the
required RESTRICTED Clearance.
A Policy Alert appears to inform the user about the Policy violation and to provide
remediation options.

Perform safe recipients checking based on Active

Directory group membership
If a recipient without membership is included on the distribution list a Recipient Alert is
triggered to prevent the message from being sent.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

NOTE: See
policy 8.1-8.2-8.3 Safe Recipients Checking in sample
UseCasesGuide.TCF file.

Use Case Guide www.fortra.com page: 174

 Safe Recipients checking / Perform safe recipients checking based on Active Directory group membership

Configure Active Directory Groups

For this example we created an Active Directory Group for each Project Name.

l Buena Vista
l Riverdale
l Parisienne
l Hollywood

Add users to each Active Directory Group

The required users are added to each Project group.

NOTE: Not all users are members of each Project Group.

Use Case Guide www.fortra.com page: 175

 Safe Recipients checking / Perform safe recipients checking based on Active Directory group membership

Create a Field

The Field name is Project and contains the following Project Values that correspond with
the Active Directory Groups:

l Buena Vista
l Riverdale
l Parisienne
l Hollywood

Add a Rule to the existing Recipient Policy

This Rule is used to restrict users from sending emails to recipients who do not have
access to the Active Directory Group.

1. Select Policies from the side menu bar.

2. Select Validating Recipient Policy and click the Edit button.
3. Click New to create a new Rule for the Policy.
4. Enter a name for the Rule; in this example, “CheckGroupBuenaVista”.
5. Enter a Rule Description to further describe the purpose of the Rule.
6. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.

Use Case Guide www.fortra.com page: 176

 Safe Recipients checking / Perform safe recipients checking based on Active Directory group membership

7. Select the Repeat Rule checkbox. Rules must be explicitly repeated if they apply to
recipients or attachments. In this use case the Rule must be repeated so that each
recipient in the email message is evaluated by the Rule.
8. Select “Message.Recipient” from the dropdown list.
9. Click Save and Continue.

Create a Dynamic Property

1. Click the New button in the Dynamic Properties section of the Add/Edit Rule page.
2. Enter the Dynamic Property Name; in this example, “HasGroupBuenaVista”. This
name will appear in the Condition Editor dropdown list.
3. Enter the Dynamic Property Description.
4. Select “HasGroup” from the Function dropdown list.

Define the Parameters for the HasGroup Dynamic Function

Dynamic function parameters are configured by selecting the parameter and clicking the
Edit button.

1. Edit the parameters to match the image to the left.

The parameters are:
l AccountName – Enter “[Message.Recipient.Address]” to retrieve information
about the user’s AD Group membership.
l GroupName – Enter the name of the Active Directory Group name text box.
2. Save the Dynamic Property.

TheHasGroup Dynamic Function will check recipients for membership in this Active
Directory group.

Use Case Guide www.fortra.com page: 177

 Safe Recipients checking / Perform safe recipients checking based on Active Directory group membership

Create a Conditional Expression

This conditional expression uses the HasGroupBuenuVista Dynamic Value to determine if

the user has membership in the AD Group.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select “Message.Metadata.Project”.
4. Select the “=” operator from the Operator dropdown list.
5. Enter “BuenaVista” in the Value text box.
6. Click Add Condition ( ).
NOTE: Ensure “AND” is selected in the top dropdown list.

7. Click the Properties dropdown arrow and select “HasGroupBuenaVista”.

8. Select the “=” operator from the Operator dropdown list.
9. Enter “0” in the Value text box.
The conditional expression should match the image.
10. Click OK.

Create and configure the Action

Use Case Guide www.fortra.com page: 178

 Safe Recipients checking / Perform safe recipients checking based on Active Directory group membership

This Action is used to prevent users who are not part of the selected Project Active
Directory Group from receiving an email.

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Project
Recipient Alert”.
2. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
3. Select “Occurs when a message is sent” from the Policy Event dropdown list. This is
the Event that triggers the Action.
4. Select “Recipient Alert” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit the parameters to match the image to the left.

l Title – The Title appears as the title text for the Policy Warning Dialog.
l Detailed Description – This is the message that describes the details of the
policy violation to users in the Policy Warning Dialog.
l Expand Detailed Description - Set to Yes if you want the detailed description to
appear by default.
l Enable Justification – Set to False by default. When True the user is permitted
to provide information about why they are disregarding the policy warning and
still sending the email message.
l Force Remediate Recipients - Allow users to select blocked recipients to
bypass the Policy violation. The Severity must be set to Warn to use this
parameter.
l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be warned when they violate the policy.
2. Save the Action.

Use Case Guide www.fortra.com page: 179

 Safe Recipients checking / Perform safe recipients checking based on Active Directory group membership

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Project Recipient Alert” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Repeat this Use Case to create new a Rule, Dynamic Property, Conditional
Expression, and Action for each of the remaining Project Names:

l Riverdale
l Parisienne
l Hollywood
EXAMPLE:
The Fortra Data Classification for Microsoft Outlook user has chosen one of the
available Classification Values and Project Values.
A Recipient Alert appears because one of the recipients does not have access to the
Buena Vista Active Directory Group.

Use Case Guide www.fortra.com page: 180

 Safe Recipients checking / Perform safe recipients checking based on Active Directory group membership

Use Case Guide www.fortra.com page: 181

 Content Validation / Scan emails for credit card numbers

Content Validation
Content Validation is used to check documents and email messages for specific sensitive
information, such as Social Insurance numbers and credit card numbers. Content Validation
can also replace the sensitive data it finds in Fortra Data Classification for Microsoft
Outlook; this is called remediation or redaction.

Content Validation processing is defined through Content Validation Profiles. Content

Validation Profiles can be invoked by Rules through the RunContentProfile Dynamic
Property facility. The Rules can then use the results of the Content Validation to ensure that
appropriate precautions are taken, such as warning the user or assigning a classification.
For example, you can ensure that if an email or document contains a credit card number, it
must be classified as CONFIDENTIAL or above. The Policy engine can use email and
document content to trigger various Actions, such as:

l scan emails for credit card numbers

l scan documents for project names
l scan files for social security numbers
NOTE: You can also use Smart Regex or the Data Detection Engine (DDE) to address
some of these use cases. See the Fortra's Smart RegexGuide or Fortra's Data
Classification Suite (DCS) Data Detection EngineGuide for more information.

Scan emails for credit card numbers

This use case illustrates how to run a Content Validation Profile to scan email messages for
credit card numbers.

This is created using Fortra Data Classification for Microsoft Outlook for Microsoft Outlook

NOTE: See policy 9.1 Check for Credit Cards in sample UseCasesGuide.TCF file.

NOTE: You can also use Smart Regex or the Data Detection Engine to address this use
case. See the Fortra's Data Classification Suite (DCS) Data Detection Engine User Guide
or Fortra's Smart RegexGuide for more information.

Configure Send Anyway Justification

Send Anyway Justification forces Microsoft Outlook users to provide justification when they
send an email message that fails to comply with a DCS for Outlook Policy. Send Anyway

Use Case Guide www.fortra.com page: 182

 Content Validation / Scan emails for credit card numbers

Justification is configured by the Administrator so that Microsoft Outlook users can select a
reason from a pre-defined dropdown list or provide details in a text box using their own
words.

NOTE: Send Anyway Justification is not required for Content Validation. This step can be
omitted.

1. Select Application Settings from the side menu bar.

2. Click Edit in the Outlook column in the Classification Dialog UI row.
3. Clear the Use Global Settings checkbox.
4. Scroll down to the Justification UI section of the page.
5. Enter the text to appear in the dialog box, the label for the dropdown list, and the
label for the text entry box.
6. Select “Dropdown List” as the Type of Justification Selections Available.
7. Enter the list of Action Override and Classification Change Justifications that will
appear in the dropdown list for the user to select in the Selections text boxes.
Justifications must be separated by semi-colons.
Justification details can be mandatory based one of these dropdown selections. The
details entered by the user in the Justification text box are not validated by Fortra
Data Classification for Microsoft Outlook; however, the text is captured in the
Windows Event Log.
8. Enter the list (separated by semi-colons) of Action Override Justification and
Classification Change Justification that requires further details entered in the text
entry boxes.
9. Click Save.

Use Case Guide www.fortra.com page: 183

 Content Validation / Scan emails for credit card numbers

Create a Content Validation Profile

1. Select Content Validation Profile from the side menu bar.

2. Click New.

3. Enter a name for the Content Validation Profile in the Profile Name text box; in this
example, “Check for Credit Card Numbers”.

Use Case Guide www.fortra.com page: 184

 Content Validation / Scan emails for credit card numbers

The Profile name is required when creating a Dynamic Property to run the Profile as
part of a Policy. The name identified here must be exactly the same as the name
used in the Dynamic Property.
4. Select “Match Any” from the Match Mode dropdown list. This activates the profile if
the criteria meets any combination of the defined rules.
5. Enter the Violation Text string; in this example, “A credit card number has been
detected”. The phrase contained in this field can be used as text of a user alert
without showing the exact values found.
6. Click Save and Continue.

Create a Library Match

1. Click New in the Matches section.

2. Select “Library” from the Match Type dropdown list.

3. Click the Library button beside the MatchPattern text box and select the Credit Card
types you want to scan.
4. Select the Case Sensitive text box.
5. Enter characters/text in the Replacement text box to mask the violation text detected
by the Content Validation profile; in this example, “Credit card number detected”.
6. Click Save.

Use Case Guide www.fortra.com page: 185

 Content Validation / Scan emails for credit card numbers

Create a Policy

This Policy will execute the Content Validation Profile.

1. Select Policies from the side menu bar and click the New button to create a new
Policy.

2. Enter a name for the Policy in the PolicyName text box; in this example, “Check for
Credit Cards”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
5. Select “Occurs when message is sent” from the Policy Event dropdown list. This is
the Event that triggers the Policy.
6. Click Save and Continue.

Use Case Guide www.fortra.com page: 186

 Content Validation / Scan emails for credit card numbers

Create and configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Apply Credit Card CV Profile”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Leave Repeat Rule unchecked.
6. Click Save and Continue.

Create the CreditCardCheck Dynamic Property

This Dynamic Property uses the results of the run Content Validation Profile.

1. Click New in the Dynamic Properties section of the Add/Edit Rule page.
2. Enter the Dynamic Property Name; in this example, “CreditCardCheck”. This name
will appear in the Condition Editor dropdown list.
3. Enter the Dynamic Property Description.
4. Select “RunContent Validation” from the Function dropdown list.

Define the Parameters for the RunContentValidation Dynamic Function

NOTE: At times the parameters may appear in a different order. Please ensure that the
correct parameter is being updated.

Dynamic function parameters are configured by selecting the parameter and clicking the
Edit button.

Use Case Guide www.fortra.com page: 187

 Content Validation / Scan emails for credit card numbers

1. Edit the parameters to match the image to the left.

l Content Validation Profile Name – Enter the name of the Content Validation
Profile you want to run.
l Source - When creating a RunContentValidation Dynamic Property for a Fortra
Data Classification for Microsoft Outlook Rule the following Sources are
supported:
l [Message.Body]
l [Message.Subject]
2. Save the Dynamic Property.

Create the Conditional Expression

The defined condition must be evaluated as true in order to apply the Actions that
associated with the Rule. In this use case Actions are only applied if a credit card number is
found.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select “CreditCardCheck.Matches”.
4. Select the “!=” operator from the Operator dropdown list.
5. Leave the Value text box blank.
The conditional expression should match the image.
6. Click OK.

Use Case Guide www.fortra.com page: 188

 Content Validation / Scan emails for credit card numbers

Create and configure the Action

1. Click the New button in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Credit
Card Alert”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a message is sent” from the Policy Event dropdown list. This is
the Event that triggers the Action.
5. Select “Content Alert” from the Action Type dropdown list.

Define the Action Parameters

1. Edit the parameters to match the image to the left.

l Title – The Title appears as the title text for the Policy Warning Dialog.
l Detailed Description – This is the message that describes the details of the
policy violation to users in the Policy Warning Dialog.
l Matches – This field must contain the exact name of the Dynamic Property you
will create in the Rule that will execute this Action, followed by the text
“.Matches”

Use Case Guide www.fortra.com page: 189

 Content Validation / Scan emails for credit card numbers

l Expand Detailed Description - Set to Yes if you want the detailed description to
appear by default.
l Masked Matches - This field must contain the exact name of the Dynamic
Property you will create in the Rule that will execute this Action, followed by the
text “.MaskedMatches”
l Enable Justification – Set to False by default. When True the user is permitted
to provide information about why they are disregarding the policy warning and
still sending the email message.
l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be warned when they violate the policy.
2. Save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Credit Card Alert” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.
EXAMPLE:
The user attempted to send an email message containing a credit card number. This
triggers the Content Validation Policy. A Policy Warning Dialog appears with Correct
Message which allows the user to remediate the Policy violations.
Test credit card numbers are available on the internet.

Use Case Guide www.fortra.com page: 190

 Content Validation / Scan documents for project names

In this example, the user can disregard the Policy warning and send the message
anyway. To do so the user must click Send Anyway and provide justification for their
decision. This option is available because the Administrator enabled and configured
Send Anyway Justification.

Scan documents for project names

This use case illustrates how to run a Content Validation Profile to scan documents for
project names.

This is created using DCS for Office

Use Case Guide www.fortra.com page: 191

 Content Validation / Scan documents for project names

NOTE: Check
policy 9.2 Check Documents for Internal Project Name in sample
UseCasesGuide.TCF file.

NOTE:You can also use Smart Regex to address this use case. See the Fortra's Smart
Regex Guide for more information.

Create a Content Validation Profile

1. Select Content Validation Profile from the side menu bar.

2. Click New.

3. Enter a name for the Content Validation Profile in the Profile Name text box; in this
example, “ProjectNameCheck”.
The Profile name is required when creating a Dynamic Property to run the Profile as
part of a Policy. The name identified here must be exactly the same as the name
used in the Dynamic Property.
4. Select “Match Any” from the Match Mode dropdown list. This activates the profile if
the criteria meets any combination of the defined rules.
5. Enter the Violation Text string; in this example, “Internal Project Detected”. The
phrase contained in this field can be used as text of a user alert without showing the
exact values found.
6. Click Save and Continue.

Define the matches for the Content Validation Profile

Use Case Guide www.fortra.com page: 192

 Content Validation / Scan documents for project names

1. Click New in the Matches section.

2. Select “Text” from the Match Type dropdown.
3. Enter the text you want to search for in the MatchPattern text box.
4. Enter the replacement text that will appear in the event logs instead of “Project
Excel”; in this example, “Internal Project Name Detected”.
5. Click Save.

Create a Policy to run the Content Validation Profile

1. Select Policies from the side menu bar and click the New button to create a new
Policy.

2. Enter a name for the Policy in the PolicyName text box; in this example, “Check
Documents for Internal Project Names”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
5. Select “Occurs before any open document is saved” from the Policy Event dropdown
list. This is the Event that triggers the Policy.
6. Click Save and Continue.

Use Case Guide www.fortra.com page: 193

 Content Validation / Scan documents for project names

Create and configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Apply the ProjectNameCheck CV Profile”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Leave Repeat Rule unchecked.
6. Click Save and Continue.

Create the ProjectCheck Dynamic Property

This Dynamic Property uses the results of the run Content Validation Profile.

1. Click New in the Dynamic Properties section of the Add/Edit Rule page.
2. Enter the Dynamic Property Name; in this example, “ProjectCheck”. This name will
appear in the Condition Editor dropdown list.
3. Enter the Dynamic Property Description.
4. Select “RunContent Validation” from the Function dropdown list.

Define the Parameters for the RunContentValidation Dynamic Function

Dynamic function parameters are configured by selecting the parameter and clicking the
Edit button.

Use Case Guide www.fortra.com page: 194

 Content Validation / Scan documents for project names

1. Edit the parameters to match the image to the left.

l Content Validation Profile Name – Enter the name of the Content Validation
Profile you want to run.
l Source - When creating a RunContentValidation Dynamic Property for a Fortra
Data Classification for Microsoft Office Rule the following Sources are
supported:
l [Document.Body]
l [Document.Header]
l [Document.Footer]
2. Save the Dynamic Property.

Apply Condition to the Rule

Create the Condition to run the Content Validation Profile using the Dynamic Property.

1. Select ProjectCheck.Matches from the Pproperties dropdown list.

2. Select the does not equal operator “!=” from the Operator dropdown list.
3. Leave the Value text box blank.
4. Click OK.

Use Case Guide www.fortra.com page: 195

 Content Validation / Scan documents for project names

Create the Action

This Alert Action warns the user that a Project Name has been detected in a document.

1. Click the New button in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Internal
Project Alert”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs before any open document is saved” from the Policy Event dropdown
list. This is the Event that triggers the Action.
5. Select “Alert” from the Action Type dropdown list.

Define the Action Parameters

1. Edit the parameters to match the image to the left.

l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be warned when they violate the policy.
l Title – This is the title for the message that will appear to users.
l Detailed Description – Enter the message text that will be displayed to the user.

Use Case Guide www.fortra.com page: 196

 Content Validation / Scan files for Social Security Numbers

l Expand Detailed Description - Set to Yes if you want the detailed description to
appear by default.
2. Save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Internal Project Alert” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.
EXAMPLE:
The following warning dialog will appear if the specified project text is detected in the
document.

Scan files for Social Security Numbers

Use Case Guide www.fortra.com page: 197

 Content Validation / Scan files for Social Security Numbers

This use case illustrates how to run a Content Validation Profile to scan files for Social
Insurance numbers.

This is created using Fortra Data Classification for Microsoft Outlook for Desktop

NOTE: See
policy 9.3 Scan Files for Social Security Numbers in sample
UseCasesGuide.TCF file.

NOTE: You can also use Smart Regex or the Data Detection Engine to address this use
case. See the Smart Regex Guide or the Data Detection Engine for DCS User Guide.

Create a Content Validation Profile

1. Select Content Validation Profile from the side menu bar.

2. Click New.

3. Enter a name for the Content Validation Profile in the Profile Name text box; in this
example, “SSNCheck”.
The Profile name is required when creating a Dynamic Property to run the Profile as
part of a Policy. The name identified here must be exactly the same as the name
used in the Dynamic Property.
4. Select “Match Any” from the Match Mode dropdown list. This activates the profile if
the criteria meets any combination of the defined rules.
5. Enter the Violation Text string; in this example, “A Social Security Number has been
detected”. The phrase contained in this field can be used as text of a user alert
without showing the exact values found.
6. Click Save and Continue.

Use Case Guide www.fortra.com page: 198

 Content Validation / Scan files for Social Security Numbers

Create a Library Match

1. Click New in the Matches section.

2. Select “Library” from the Match Type dropdown list.

3. Click the Library button beside the MatchPattern text box and select the
SocialSecurityNumber checkbox.
4. Select the Case Sensitive text box if you want to make the search case sensitive.
5. Enter the characters/text in the Replacement text box that will mask the violation
text detected by the Content Validation profile; in this example, “Social Security
Number detected”.
6. Click Save.

Create a Policy to run the Content Validation Profile

Use Case Guide www.fortra.com page: 199

 Content Validation / Scan files for Social Security Numbers

1. Select Policies from the side menu bar.

2. Click New to create a new Policy.

3. Select Policies from the side menu bar and click the New button to create a new
Policy.
4. Enter a name for the Policy in the PolicyName text box; in this example, “Check Files
for Social Security Numbers”.
This Policy will execute the “SSNCheck” Content Validation Profile.
5. Enter a description of the purpose of the Policy in the Policy Description text box.
6. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
7. Select “Occurs when user changes the classification of a file” from the Policy Event
dropdown list. This is the Event that triggers the Policy.
8. Click Save and Continue.

Create and configure the First Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Iterate through files”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.

Use Case Guide www.fortra.com page: 200

 Content Validation / Scan files for Social Security Numbers

5. Select the Repeat Rule checkbox.

Rules must be explicitly repeated if they apply to files. In this use case the Rule must
be repeated so that each file is evaluated by the Rule.
6. Select “File” from the dropdown list.
7. Click Save and Continue.

Create the FileContent Dynamic Property

This Dynamic Property is used to extract the text from files so the Content Validation Profile
can search for the Social Security Numbers.

1. Click the New button in the Dynamic Properties section of the Add/Edit Rule page.
2. Enter the Dynamic Property Name; in this example, “FileContent”. This name will
appear in the Condition Editor dropdown list.
3. Enter the Dynamic Property Description.
4. Select “GetTextFromFile” from the Function dropdown list.

Define the Parameters for the GetTextFromFile Dynamic Function

1. Select FilePath and click the Edit button.

2. Enter “[File.Path]” in the Value text box.
3. Click Save.

Use Case Guide www.fortra.com page: 201

 Content Validation / Scan files for Social Security Numbers

Create and Configure the Second Rule

1. Select the first Rule (Iterate through files) and click the New button to create a
second Rule.
2. Enter a name for the Rule; in this example, “Check File Content”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule.
5. Leave Repeat Rule unchecked. This Rule is a sub-Rule of a Rule that is already
repeated.
6. Click Save and Continue.

Create the RunCVProfile Dynamic Property

This Dynamic Property is used to execute the Content Validation Profile to search for Social
Security Numbers.

1. Click New in the Dynamic Properties section of the Add/Edit Rule page.
2. Enter the Dynamic Property Name; in this example, “RunCVProfile”. This name will
appear in the Condition Editor dropdown list.
3. Enter the Dynamic Property Description.
4. Select “RunContentValidation” from the Function dropdown list.

Use Case Guide www.fortra.com page: 202

 Content Validation / Scan files for Social Security Numbers

Define the Parameters for the RunContentValidation Dynamic Function

1. Select the Content Validation Profile Name parameter and click the Edit button.
2. Enter SSNCheck in the Value text box and click OK.
3. Select the Source parameter and click the Edit button.
4. Enter “[FileContent]” in the Value text box and click OK.
NOTE: “FileContent” is the name of the Dynamic Property used to extract the text from
files. This Dynamic Property was defined in the first Rule.

5. Click Save.

Create the Conditional Expression

This Condition ensures that users are only informed that a Social Security Number appears
in a file if it is detected when the Policy is applied.

1. Select “RunCVProfile.Matches” from the Pproperties dropdown list.

2. Select the does not equal operator “!=” from the Operator dropdown list.
3. Leave the Value text box blank.
4. Click OK.

Use Case Guide www.fortra.com page: 203

 Content Validation / Scan files for Social Security Numbers

Create and configure the Action

This Alert warns the user that a Social Security Number has been detected in a file.

1. Click the New button in the Actions When True section.

The Add/Edit Action page appears.
2. Enter a name for the Action in the Action Name text box; in this example, “File Alert”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when user changes the classification of a file” from the Policy Event
dropdown list. This is the Event that triggers the Action.
5. Select “Alert” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit the parameters to match the image to the left.

l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be warned when they violate the policy.
l Title – This parameter allows the Administrator to create a title for message
that will appear to users.
l Detailed Description – Enter the display message text that will be displayed to
the user.

Use Case Guide www.fortra.com page: 204

 Content Validation / Scan files for Social Security Numbers

l Expand Detailed Description - Set to Yes if you want the detailed description to
appear by default.
2. Save the Action.

Select Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “File Alert” from the Available Actions list box and click the arrow to move this
Action to the Selected Actions list box.
2. Click OK.
3. Save the Rule and Policy.

Complete view of the Rule

Use Case Guide www.fortra.com page: 205

 Content Validation / Scan files for Social Security Numbers

EXAMPLE:
The following warning dialog appears when the user attempts to change the
Classification of a file that contains a Social Security Number.

Use Case Guide www.fortra.com page: 206

 Data protection and user education / Allow the original classifier to downgrade the Classification of a document

Data protection and user education

These use cases illustrate how Administrators can author Policies designed to raise user
awareness while protecting corporate data.

Policies promote a culture of security. Policies can be designed to shape user behavior and
increase accountability by stopping mistakes before they happen by providing immediate
feedback about potential privacy violations.

Allow the original classifier to downgrade the

Classification of a document
This use case illustrates how Administrators can ensure that only the original classifier of a
document can downgrade the Classification.

This is created using DCS for Office

Create a Set The Originator Policy

This Policy is applied when a new document is created to capture the original classification
of the document.

NOTE: See policy 10.1-1 OnlyOriginatorDownGrade in sample UseCasesGuide.TCF file.

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example,
“SetTheOriginator”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
5. Select “Occurs when a new document is created” from the Policy Event dropdown
list. This is the Event that triggers the Policy.
6. Click Save and Continue.

Use Case Guide www.fortra.com page: 207

 Data protection and user education / Allow the original classifier to downgrade the Classification of a document

Create and configure the Rule

This Rule identifies the document author and ensures that this information is saved.

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “SettingTheOriginator”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click Save and Continue.

Create and configure the Action

This Action applies Custom Properties to the document to identify the originator by their
user name.

1. Click New in the Actions When True section.

The Add/Edit Action page appears.
2. Enter a name for the Action in the Action Name text box; in this example,
“SetTheAuthor”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a new document is created” from the Policy Event dropdown
list. This is the Event that triggers the Action.
5. Select “Set Custom Properties” from the Action Type dropdown list.

Use Case Guide www.fortra.com page: 208

 Data protection and user education / Allow the original classifier to downgrade the Classification of a document

Define the Action Parameters

1. Edit the parameters to match the image.

l Property name – Enter OriginatingUser as the property name.
l Property value – Enter [Context.Username] to obtain the username of the
current logged in user.
2. Save the Action.

Select the Actions When True

1. Select “SetTheAuthor” from the Available Actions list box.

2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK .
4. Save the Rule and Policy.

Create the Second Policy

This Policy is applied when a user attempts to change the classification of the document.

NOTE: See policy 10.1-2 OnlyOriginatorDownGrade in sample UseCasesGuide.TCF file.

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example,
“OnlyOriginatorDownGrade”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.

Use Case Guide www.fortra.com page: 209

 Data protection and user education / Allow the original classifier to downgrade the Classification of a document

5. Select “Occurs when user changes the classification of a document” from the Policy
Event dropdown list. This is the Event that triggers the Policy.
6. Click Save and Continue.

Create and configure the Rule for the Second Policy

This policy sets the originator for a legacy document.

1. Click New in the Rules section of the page.

2. Enter a name for the Rule; in this example, “Legacy Documents”.
3. Enter a Rule Description to further describe the Rule.
4. Select the Rule Active checkbox to enable the Rule.
5. Click Save and Continue.

Create the Conditional Expression

The defined condition must be evaluated as true in order to apply the Actions that have
been associated with the Rule.

1. Click Add Condition ( ).

2. Click the Properties dropdown arrow and select
“Document.CustomDocumentProperties”.
3. Click the Operator dropdown arrow and select the does not contain “!contains”
operator.
4. Enter “OriginatingUser” in the Value text box.
5. Click Add Condition ( ).
NOTE: Ensure “AND” is selected from the top dropdown list.

6. Click the Properties dropdown arrow and select “Document.HasMetadata”.

7. Click the Operator dropdown arrow and select the “=” operator.

Use Case Guide www.fortra.com page: 210

 Data protection and user education / Allow the original classifier to downgrade the Classification of a document

8. Enter “False” in the Value text box.

The conditional expression should match the image.
9. Click OK.

Create and configure the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example,
“SetTheAuthor”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when user changes the classification of a document” from the Policy
Event dropdown list. This is the Event that triggers the Action.
5. Select “Set Custom Properties” from the Action Type dropdown list.

Define the Action Parameters

Use Case Guide www.fortra.com page: 211

 Data protection and user education / Allow the original classifier to downgrade the Classification of a document

1. Edit the parameters to match the image to the left.

l Property name – Enter OriginatingUser as the property name.
l Property value – Enter [Context.UserName] to obtain the username of the
current logged in user.
2. Save the Action.

Select the Actions When True

1. Select “SetTheAuthor” from the Available Actions list box.

2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Create and configure the CheckTheOriginator Rule

This rule retrieves the name of the originator when a user attempts to change the
classification of a document.

1. Click New in the Rules section of the page.

2. Enter a name for the Rule; in this case, “CheckTheOriginator”.
3. Enter a Rule Description to further describe the Rule.
4. Select the Rule Active checkbox to enable the Rule.
5. Click Save and Continue.

Use Case Guide www.fortra.com page: 212

 Data protection and user education / Allow the original classifier to downgrade the Classification of a document

Create the Conditional Expression

The defined conditions must be evaluated as true in order to apply the Actions that have
been associated with the Rule.

1. Click Edit in the Condition section of the page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and elect
Document.CustomDocumentProperties.
4. Click the Operator dropdown arrow and select the “!contains” operator.
5. Enter “[CurrentUserToCompare]” in the Value text box.
6. Click the Add Condition ( ) button.
NOTE: Ensure “AND” is selected in the top dropdown list.

7. Click the Properties dropdown arrow and select

Document.Metadata.CLASSIFICATION.
8. Click the Operator dropdown arrow and select the less than “<” operator.
9. Enter [Document.OriginalMetadata.CLASSIFICATION] in the Value text box.
10. Click OK.

Configure the Dynamic Property CurrentUserToCompare

This Dynamic Property assigns the User Name of the document originator.

Use Case Guide www.fortra.com page: 213

 Data protection and user education / Allow the original classifier to downgrade the Classification of a document

1. Click New in the Dynamic Properties section of the Add/Edit Rule page.
2. Enter the Dynamic Property Name; in this example, “CurrentUserToCompare”. This
name will appear in the Condition Editor dropdown list.
3. Enter the Dynamic Property Description.
4. Select “Assign” from the Function dropdown list.

Define the Parameters for the Assign Dynamic Function

1. Select the Value parameter and click the Edit button.

2. Enter OriginatingUser=[Context.Username] in the Value text box.
3. Click OK.

Create and configure the NotAllowedToDowngrade Action

This Alert warns the user that they are not permitted to change the classification of a
document unless they are the originator.

1. Click New in the Actions When True section.

The Add/Edit Action page appears.
2. Enter a Name for the Action in the Action Name text box; in this example,
“NotAllowedToDowngrade”.
3. Enter a description of the Action in the Action Description text box.
4. Select “Occurs when user changes the classification of a document” from the Policy
Event dropdown list.
5. Select “Alert” from the Action Type dropdown list.

Define the Action Parameters

Use Case Guide www.fortra.com page: 214

 Data protection and user education / Allow the original classifier to downgrade the Classification of a document

1. Edit the parameters to match the image on the previous page.

l Severity – Possible values are Log Only, Warn, and Prevent. In this use case the
user will be warned when they violate the policy.
l Title – This parameter allows the Administrator to create a title for message
that will appear to users.
l Detailed Description – Enter the display message text that will be displayed to
the user.
l Expand Detailed Description - Set to Yes to allow the detailed description to
appear by default.
2. Save the Action.

Create and configure the ResetClassification Action

This Action resets the Classification value assigned by document originator.

1. Click the New button in the Actions When True section.

The Add/Edit Action page appears.
2. Enter a Name for the Action in the Action Name text box; in this example,
“ResetClassification”.
3. Enter a description of the Action in the Action Description text box.
4. Select “Occurs when user changes the classification of a document” from the Policy
Event dropdown list.
5. Select “Alert” from the Action Type dropdown list.

Define the Action Parameters

Use Case Guide www.fortra.com page: 215

 Data protection and user education / Allow the original classifier to downgrade the Classification of a document

1. Edit the parameters to match the image on the previous page.

l Reason – This reason appears to the user when classification is set.
l Classification to set – This parameter resets the Classification to the original
value.
l Classification=[Document.OriginalMetadata.Classification]
l Suggest – When False, the user cannot confirm or reject the classification
suggested by the Policy.
2. Save the Action.

Select the Actions When True

1. Select “NotAllowedToDownGrade” and “ResetClassification” from the Available

Actions list box.
Use CTRL+Click to select more than Action.
2. Click the arrow to move the Actions to the Selected Actions list box.
3. Click OK.
4. Select Deny from the Result dropdown list to prevent Classification downgrades.
5. Save the Rule and Policy.

Use Case Guide www.fortra.com page: 216

 Data protection and user education / Prevent document printing

EXAMPLE:
The following warning dialog appears on the client desktop when a user attempts to
downgrade the classification of document without the required privileges.

Prevent document printing

This use case illustrates that Fortra's DCS for Office (On-premises) can prevent users from
printing restricted documents.

This is created using DCS for Office

NOTE: See policy 10.2 Printing Policy in sample UseCasesGuide.TCF file.

Create the Policy

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Printing
Policy”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
5. Select “Occurs before any open document is printed” from the Policy Event
dropdown list. This is the Event that triggers the Policy.
6. Click Save and Continue.

Use Case Guide www.fortra.com page: 217

 Data protection and user education / Prevent document printing

Create and Configure the Rule

1. Click the New button in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Prevent Restricted Document Print”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click Save and Continue.

Create the Conditional Expression

The defined condition must be evaluated as true in order to apply the Actions that have
been associated with the Rule. In this use case Actions are only applied if the document is
Classified as Restricted.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select
“Document.Metadata.CLASSIFICATION”.
4. Select the “=” operator from the Operator dropdown list.
5. Enter “RESTRICTED” in the Value text box. The conditional expression should match
the image.
6. Click OK.

Set the Result and Behavior Flow

1. In the Actions When True section, Select “Deny” from the Result dropdown list. This
prevents the Microsoft Office Print event from occurring.
2. In the Actions When True section, Select “Stop” from the Behaviour Flow dropdown
list to stop evaluating Rules after the Rule has been applied to a document.

Use Case Guide www.fortra.com page: 218

 Data protection and user education / Prevent document printing

Create and configure the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Prevent
Print - Restricted”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs before any open document is printed” from the Policy Event
dropdown list. This is the Event that triggers the Action.
5. Select “Alert” from the Action Type dropdown list.

Define the Action Parameters

1. Edit the parameters to match the image to the left.

l Severity – Possible values are Log Only and Warn. In this use case the user will
be warned when they violate the policy.
l Title – This parameter allows the Administrator to create a title for message
that will appear to users.

Use Case Guide www.fortra.com page: 219

 Data protection and user education / Alert users when a document is opened

l Detailed Description – Enter the display message text that will be displayed to
the user.
l Expand Detailed Description - Set to Yes if you want the detailed description to
appear by default.
2. Save the Action.

Select the Actions When True

1. Select “Prevent Print – Restricted” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.
EXAMPLE:
An Alert appears when the user attempts to print a Restricted document. In this
scenario, printing is prevented.

Alert users when a document is opened

This use case illustrates that Fortra's DCS for Office (On-premises) can be used to alert
users when opening documents classified as Internal.

This is created using DCS for Office

Use Case Guide www.fortra.com page: 220

 Data protection and user education / Alert users when a document is opened

NOTE: See
policy 10.3 Alert Users When a Doc is Opened in sample
UseCasesGuide.TCF file.

Use Case Guide www.fortra.com page: 221

 Data protection and user education / Alert users when a document is opened

Create the Policy

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “On Open
Warnings”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy.
By default Policies are disabled when they are created.
5. Select “Occurs when a document is opened” from the Policy Event dropdown list.
This is the Event that triggers the Policy.
6. Click Save and Continue.

Create and Configure the Rule

1. Click the New button in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Warn on Internal”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule.
By default Rules are disabled when they are created.
5. Click Save and Continue.

Create the Conditional Expression

The defined condition must be evaluated as true in order to apply the Action(s) that have
been associated with the Rule. In this use case Actions are only applied if the document is
classified as Internal.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click Add Condition ( ).

Use Case Guide www.fortra.com page: 222

 Data protection and user education / Alert users when a document is opened

3. Click the Properties dropdown arrow and select

“Document.Metadata.CLASSIFICATION”.
4. Select the “=” operator from the Operator dropdown list.
5. Enter “INTERNAL” in the Value text box.
The conditional expression should match the image.
6. Click OK.

Create and Configure the Action

This Action warns users when opening an Internal Document.

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Warn user
when opening Internal Document”.
3. Enter a description of the Action in the Action Description text box.

Use Case Guide www.fortra.com page: 223

 Data protection and user education / Alert users when a document is opened

4. Select “Occurs when a document is opened” from the Policy Event dropdown list.
This is the Event that triggers the Action.
5. Select “Alert” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

1. Edit the parameters to match the image to the left.

l Severity – Possible values are Log Only, Warn, and Prevent. For this example
the Action is defined as Warn.
l Title – This parameter allows the Administrator to create a title for warning
dialog that will appear to users.
l Display Message – Enter the display message text that will be displayed to the
user in the Warning Dialog.
2. Save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Warn user when opening Internal Document” from the Available Actions list
box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.

Use Case Guide www.fortra.com page: 224

 Data protection and user education / Reset the document classification after specified time interval

EXAMPLE:
When a user opens a document that has been classified as Internal a warning appears.
The purpose of this warning is to provide information about proper handling and
distribution of Internal documents.

Reset the document classification after specified time

interval
This use case illustrates how Fortra's DCS for Office (On-premises) can be used to reset the
classification to public if the document was originally labelled over a year ago.

This is created using DCS for Office

NOTE: See
policy 10.4 Reclassify Documents After One Day in sample
UseCasesGuide.TCF file.

Create the Policy

Use Case Guide www.fortra.com page: 225

 Data protection and user education / Reset the document classification after specified time interval

1. Select Policies from the side menu bar and click the New button to create a new
Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, “Reclassify
Documents After One Year”.
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
5. Select “Occurs when a document is opened” from the Policy Event dropdown list.
This is the Event that triggers the Policy.
6. Click Save and Continue.

Create and configure the Rule

1. Click Newin the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Reclassify Documents”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click Save and Continue.

Create the Conditional Expression

The defined condition must be evaluated as true in order to apply the Actions that have
been associated with the Rule. In this use case Actions are only applied if the Classification
date was over a year ago.

1. Click Edit in the Condition section of the Add/Edit Rule page.

2. Click Add Condition ( ).
3. Click the Properties dropdown arrow and select
“Document.Metadata.ClassificationDate”.
4. Select the “<” operator from the Operator dropdown list.

Use Case Guide www.fortra.com page: 226

 Data protection and user education / Reset the document classification after specified time interval

5. Enter “[Environment.Date-365]” in the Value text box. The conditional expression

should match the image.
6. Click OK.

Create and configure the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.

2. Enter a name for the Action in the Action Name text box; in this example, “Set to
Public”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “” from the Policy Event dropdown list. This is the Event that triggers the
Action.
5. Select “Set Classification” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit button.

Use Case Guide www.fortra.com page: 227

 Data protection and user education / Reset the document classification after specified time interval

1. Edit the parameters to match the image to the left.

l Reason – This reason appears to the user when the classification is set to
public.
l Classification to set – Configure to set Classification to Public
(Classification=Public) when the user opens a document that was classified
over one year ago.
l Suggest- Set to True to allows the user to confirm the Classification.
l Always Show Reason- Set to True to show the new Classification and reason
for change to the user.
l Enable Justification – Set to False by default. When True the user is permitted
to provide information about why they are disregarding the policy warning and
still sending the email message.
2. Save the Action.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Set to Public” from the Available Actions list box.

2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.
4. Save the Rule and Policy.
EXAMPLE:
The Classification Selector Dialog appears when a document classified over a year ago
is opened. The classification change message and new Public classification are
displayed to the user.

Use Case Guide www.fortra.com page: 228

 Data protection and user education / Block documents from uploading to cloud storage

Block documents from uploading to cloud storage

This use case illustrates how to block Restricted documents from being uploaded to cloud
storage. The user is also presented with an Alert to indicate why the document could not be
uploaded to the cloud.

This is created using DCS for Office

NOTE: See policy 10.5 Block upload to the cloud in sample UseCasesGuide.TCF file.

Create the Policy

1. Select Policies from the side menu bar and click New to create a new Policy.
2. Enter a name for the Policy in the PolicyName text box; in this example, enter "Block
upload to the cloud".
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
5. Select “Occurs when a document is uploaded to a file storage in the cloud” from the
Policy Event dropdown list. This is the Event that triggers the Policy.
6. Click Save and Continue.

Use Case Guide www.fortra.com page: 229

 Data protection and user education / Block documents from uploading to cloud storage

Create and configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Block upload to the cloud”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click Save and Continue.

Create and configure the Action

1. Click New in the Actions When True section.

The Add/Edit Action page appears.
2. Enter a name for the Action in the Action Name text box; in this example, “Restricted
Document Rules”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a document is uploaded to a file storage in the cloud” from the
Policy Event dropdown list. This is the Event that triggers the Action.
5. Select “Alert” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit
button.

1. Edit the parameters to match the image to the left.

l Title – This is the title text for the Policy Warning Dialog.
l Detailed Description – This is the message that describes the details of
the policy violation to users in the Policy Warning Dialog.

Use Case Guide www.fortra.com page: 230

 Data protection and user education / Block documents from uploading to cloud storage

l Expand Detailed Description – Set to True if you want the detailed

description to appear by default.
2. Click Save.

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Restricted Document Rules” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.

Set the Result and Behavior Flow

1. In the Actions When True section, Select “Deny” from the Result dropdown list to
prevent the upload from occurring.
2. In the Actions When True section, Select “Stop” from the Behaviour Flow dropdown
list to stop evaluating Rules additional rules in the Policy.
3. Save the Rule and the Policy.

Use Case Guide www.fortra.com page: 231

 Data protection and user education / Prevent Document Sharing

EXAMPLE:
Any attempt to upload a Restricted document to the cloud is blocked. The user is also
provided with an Alert explaining why the upload was blocked.

Prevent Document Sharing

This use case illustrates how to prevent users from sharing content from protected
documents with others over such platforms as Webex, Zoom, and Microsoft Teams.

This is created using DCS for Office.

NOTE: Dueto limitations in the Microsoft API, the TCOPreventDocumentScreenShare

may not work under certain conditions, such as sharing your document over a virtual
machine. For more information, see https://docs.microsoft.com/en-
us/windows/win32/api/winuser/nf-winuser-setwindowdisplayaffinity.

Use Case Guide www.fortra.com page: 232

 Data protection and user education / Prevent Document Sharing

Create the Policy

1. Select Policies from the side menu bar and click New to create a new Policy.
2. Enter a name for the Policy in the Policy Name text box; in this example, enter
"Prevent document sharing".
3. Enter a description of the purpose of the Policy in the Policy Description text box.
4. Select the Policy Enabled checkbox to enable the Policy. By default Policies are
disabled when they are created.
5. Select Occurs when a document is opened” from the Policy Event dropdown list. This
is the Event that triggers the Policy.
6. Click Save and Continue.

Create and configure the Rule

1. Click New in the Rules section of the page to create a Rule for the Policy.
2. Enter a name for the Rule; in this example, “Prevent document sharing”.
3. Enter a Rule Description to further describe the purpose of the Rule.
4. Select the Rule Active checkbox to enable the Rule. By default Rules are disabled
when they are created.
5. Click Save and Continue.

Create and configure the Action

Use Case Guide www.fortra.com page: 233

 Data protection and user education / Prevent Document Sharing

1. Click New in the Actions When True section.

The Add/Edit Action page appears.
2. Enter a name for the Action in the Action Name text box; in this example, “Prevent
Document Sharing”.
3. Enter a description of the Action in the Action Description text box. The description
provides further details about when and why the Action should be applied.
4. Select “Occurs when a document is opened” from the Policy Event dropdown list.
This is the Event that triggers the Action.
5. Select “Apply Custom Action” from the Action Type dropdown list.

Define the Action Parameters

Action parameters are configured by selecting the parameter and clicking the Edit
button.

1. Edit the parameters to match the image to the left.

Custom Action ID – Used to locate the DLL located at C:\Program
Files\Titus\Titus Classification for Office. Enter
TCOPreventDocumentScreenShare.
Optional Additional Parameters – Enter optional parameters to pass the
custom action, for example, if you want the policy to re-enable screen sharing,
enter a value of "False".
Error Dialog Title - Enter the title of the warning dialog. Enter "Custom Action
Alert".
Error message to display – Enter the error message that will be displayed to the
user. Enter "The custom action has returned an error."
Failure Behavior – Enter the behavior if the processing fails. Values can be Log
only, Warn, Warn and Prevent.
2. Click Save.

Use Case Guide www.fortra.com page: 234

 Data protection and user education / Prevent Document Sharing

Select the Actions When True

Once you have saved the Action, the Edit Rule Actions window appears.

1. Select “Prevent Document Sharing” from the Available Actions list box.
2. Click the arrow to move the Action to the Selected Actions list box.
3. Click OK.

Use Case Guide www.fortra.com page: 235

 Upgrade from Titus Classification 3.x / Schema – Titus 3.5 and 4.x+ comparison table

Upgrade from Titus Classification

3.x
Data Classification Suite allows Administrators to define the events, conditions, and actions
to create customized policies.

Schema – Titus 3.5 and 4.x+ comparison table

The following table compares the Titus Message Classification 3.x Control Structure and
Titus Classification Suite version 4.x and higher Metadata Schemas.

3.x 4.x+ Implementation Notes

Feature
Control Field In 3.x Policies in Titus Message
Classification and Titus Classification
Like a Control, a Field is displayed for Office were applied based on the
to the user in the Titus user classification selected by the user. In
interface. this release, Policies are triggered by
an Event.
Control Value A classification Value can be
Selection automatically applied to a message or
Item A Value is a label that is document by selecting a property or
associated with a Field. combining multiple properties (in a
conditional expression) and applying
the Set Message Classification or Set
Classification Action.
Sub- Dependent Field When creating a Dependent Field using
Control the Field Conditionality tool the
A Dependent Field is a Field that is Administrator is able to select the
dependent on a higher level Value. Values that apply to the Dependent
Dependent Fields are used to Field.
provide context-sensitive labeling,
where only the Fields relevant to
the user’s previous selection are
presented.

Use Case Guide www.fortra.com page: 236

 Upgrade from Titus Classification 3.x / Upgrade from Titus Message Classification 3.x

3.x 4.x+ Implementation Notes

Feature
Control Field Conditionality In Titus 3.x Policy Groups are
Structure associated with Control Selection
Field Conditionality creates the Items. This enables the appropriate
relationships between Fields and Policy to be applied when a user
Dependent Fields. These selects a classification label.
dependencies are configured in
the Administration Console and
determine how classifications are
presented to the user.

Upgrade from Titus Message Classification 3.x

Titus Message Classification v4.x allows the Administrator to define the conditions that
determine when Titus interacts with users or content in Microsoft Outlook. The
Administrator can combine the following variables to create a Policy customized
specifically to meet the email security requirements for their organization:

l email properties
l classification metadata
l or other sensitive information

Titus Policies are no longer directly associated with Classification Fields. Policies contain
Rules and Conditions. Polices can, however, use Classification metadata to make Policy
decisions.

Policy comparison - Titus Message Classification 3.5 vs. 4.x+

In Titus Message Classification 3.x, Policies were triggered when the user selected a
classification label for the email message. Titus Message Classification 3.x Policies were

Use Case Guide www.fortra.com page: 237

 Upgrade from Titus Classification 3.x / Upgrade from Titus Message Classification 3.x

pre-defined with a single method of interacting with the user or the content on the Client
desktop.

In 4.x+, many Policies have become Actions. Actions are triggered based on the conditional
expression created within a Rule. Conditional Expressions can contain specific email
properties or metadata Fields.

Actions perform functionality that is exposed on the Client desktop. These Actions provide
information to the user (a Warning Message) or perform an Action such applying an RMS
template to an email message. In 4.x+, multiple Actions can be applied to one Rule.

The following table lists the Policies available in Fortra Data Classification for Microsoft
Outlook 3.x and describes the v4.x+ implementation.

3.x Policy 4.x+ Implementation Example

Acknowledgemen In 4.x Acknowledgment is an
t Action that occurs.
Attachment This 3.x Policy is not included in
Checking the list of 4.x Actions because its
functionality can be implemented
using the following email
Properties in a conditional
expression:
The Acknowledgement Action is
triggered when a conditional
expression is created for a Rule
and it is evaluated as true.
In v4.x the Administrator can
create a conditional expression
to ensure that the email
attachment does not exceed the
classification of the email
message.

Message.Metadata If the conditional expression is

evaluated as true the
Message.HasMetadata ClassificationAlert Action can be
applied to inform the user that
Message.Attachment they must upgrade the
classification level of the email
Message.Attachment.HasMetada message before it can be sent.
ta See Attachment checking with
Upgrade Message remediation
Message.Attachment.Metadata option on page 128 for more
information.

Use Case Guide www.fortra.com page: 238

 Upgrade from Titus Classification 3.x / Upgrade from Titus Message Classification 3.x

3.x Policy 4.x+ Implementation Example

Attachment This 3.x Policy is not included in
Checking by the list of 4.x Actions because its
Filename functionality can be implemented
using the following email
Property in a conditional
expression:
Message.Attachment.FileName
For example the Administration
can create a Policy that includes
a specific name “Employee pay
scale.xls” or specific file types
“*.cad” or contains some text
“Message.FileName contains
SECRET”.
If the conditional expression is
evaluated as true the
Administrator can apply an
Action such as the Alert Action.
See

This 3.5 Policy is now an

application setting

This feature examines the

classification manually added to
the filename of an attached
document to ensure that it is not
classified at a higher level than
the email message.

For example, if the file

Q3CompanyResults_
Internal.docx is attached to an
email classified as Public,
attachment checking by filename
can act on the manually entered
classification of “Internal” in the
filename.

Use Case Guide www.fortra.com page: 239

 Upgrade from Titus Classification 3.x / Upgrade from Titus Message Classification 3.x
3.x Policy 4.x+ Implementation
Attachment This 3.x Policy is not included in
Properties the list of 4.x Actions because its
functionality can be implemented
using the following email
Properties in a conditional
expression:
Message.Metadata
Message.HasMetadata
Message.Attachment
Message.Attachment.FileName
Message.Attachment.Path
Message.Attachment.SizeKB
Message.Attachment.Index
Message.Attachment.HasMetada
ta
Message.Attachment.Metadata
Message.AttachmentCount
Message.AttachmentTotalSizeKB
BCC Auditing In 4.x, BCC Auditing is an Action
that occurs.
Use Case Guide www.fortra.com
Example
In 4.x the Administrator can
create a conditional expression
to review the email attachment
properties for information. The
Administrator can create
conditional expressions to
identify the Document Properties
that require Actions.
([Message.AttachmentCount] >
"2" OR
[Message.AttachmentTotalSizeK
B] > "300" )
The Alert Action can be applied
to inform the user that they must
upload the document to
SharePoint instead of sending
the documents as email
attachment(s).
See Attachment checking with
Upgrade Message remediation
option on page 128 for more
information.
In 4.x, the Administrator can
create a conditional expression
to identify email messages that
should be BCC’d.
For example the Administrator
can create a condition statement
that triggers the BCC Auditing
Policy if specific words
(Restricted, Do Not Distribute)
are found in an email message.
page: 240
 Upgrade from Titus Classification 3.x / Upgrade from Titus Message Classification 3.x

3.x Policy 4.x+ Implementation Example

Body Tagging In 4.x, Body Tagging is an Action In 4.x, the Administrator can
that occurs. create a conditional expression
to identify which email
messages should be Body
Tagged.

Specific Body Tags can be

Content In 4.x Content Validation is
Validation performed through a Content
Alert Action.
Custom X-Header In 4.x Custom X-Header is an
Action that occurs.
Maximum This 3.x Policy is not included in
Recipients the list of 4.x Actions because its
functionality can be implemented
using the following email
Property in a conditional
expression:
Message.RecipientCount
applied based on the selected
classification.
See Content Validation on page
182.
In 4.x, the Administrator can
create a conditional expression
to identify which email
messages should contain a
Custom X-Header.
In 4.x, the Administrator can
create a conditional expression
to review the
Message.RecipientCount email
property.
([Message.RecipientCount] >
"100" )

The Alert Action can be applied

to inform the user that they have
exceeded the number of
recipients allowed for an email
message.
Outlook In 4.x, Outlook Categories is an In 4.x, the Administrator can
Categories Action that occurs. create a conditional expression
to identify which email
messages should contain
Outlook Categories.
RMS In 4.x, RMS is an Action that In 4.x, the Administrator can
occurs. create a conditional expression
to identify which email
messages should have an RMS
template applied.

Use Case Guide www.fortra.com page: 241

 Upgrade from Titus Classification 3.x / Upgrade from Titus Message Classification 3.x

3.x Policy 4.x+ Implementation Example

S/MIME In 4.x, S/MIME Sign/Encrypt is an In 4.x, the Administrator can
Sign/Encrypt Action that occurs. create a conditional expression
to identify which email
messages should be S/MIME
Sign/Encrypted.
Safe Recipients This 3.x Policy is not included in In 4.x, the Administrator can
the list of Actions because its create a conditional expression
functionality can be implemented to review the email message
using the following email recipient properties for
Properties in a conditional information.
expression:
The Recipient Alert Action can be
Message.Recipient applied to inform the user that
they included a restricted
Message.Recipient.Address recipient on the email
distribution list.
Message.Recipient.Domain
The Policy Warning Dialog also
Message.Recipient.RecipientType includes remediation options
including a Remove Recipient
button.

See Perform safe recipients

Subject Checking This 3.x Policy is not included in
the list of Actions because its
functionality can be implemented
using the following email
Properties in a conditional
expression:
Message.Subject
Message.Subject.Length
Subject Labeling In 4.x Subject Labeling is an
Action that occurs.
checking based on email
properties and metadata on page
165.
In 4.x, the Administrator can
create a conditional expression
to review the message subject
properties for information.
( [Message.Subject.Length] < "1"
)
The Alert Action can be applied
to inform the user that they must
review the message subject
before sending the email.
In 4.x, the Administrator can
create a conditional expression
to review the subject properties
for information.

Use Case Guide www.fortra.com page: 242

 Upgrade from Titus Classification 3.x / Upgrade from Titus Classification for Microsoft Office 3.x

3.x Policy 4.x+ Implementation Example

Warn on Send This 3.x Policy is not included in
the list of Actions because its
functionality can be implemented
by applying an Action to a Rule
without any conditions.

Upgrade from Titus Classification for Microsoft Office

3.x
Titus Classification for Microsoft Office 4.x and higher allows the Administrator to define
the conditions that determine when DCS interacts with users or content in Microsoft Office.
The Administrator can combine the variables to create a Policy customized specifically to
meet the document security requirements for their organization.

Policies are no longer directly associated with Classification Fields. Policies contain Rules
and Conditions. Polices can, however, use Classification metadata to make Policy
decisions.

Policy Comparison - Titus Classification for Office 3.5 vs. 4.x

and higher
In Titus Classification for Microsoft Office 3.x, Policies were triggered when the user
selected a Classification label for the document. Policies were predefined and came pre-
configured with a single method of interacting with the user or the content on the Client
desktop.

In 4.x and higher, many Policies became Actions. Actions are triggered based on the
conditional expression created within a Rule. Conditional Expressions can contain specific
document properties or metadata Fields. Actions perform functionality that is exposed on
the Client desktop. These Actions provide information to the user (a Warning Message) or

Use Case Guide www.fortra.com page: 243

 Upgrade from Titus Classification 3.x / Upgrade from Titus Classification for Microsoft Office 3.x

perform an Action such applying an RMS template to a document. In 4.x+, multiple Actions
can be applied to one Rule.

The following table lists the Policies available in Titus Classification for Microsoft Office 3.x
and describes the v4.x+ implementation.

3.x Policy 4.x+ Implementation

Advanced The Advanced Header/Footer Policy is replaced by the Apply
Header/Footer Headers/Footers Action.
Content Scanner In 4.x+, Content Scanner is an Action that occurs.
Custom Property In 4.x+, the Custom Property Policy is replaced by the Set Custom
Properties Action.
Document The Document Inspector Policy is replaced by the Run Document
Inspector Inspector Action.
Header/Footer The Header/Footer Policy is replaced by the Apply Advanced
Headers/Footers Action.
HTML The HTML Header/Footer Policy is replaced by the Apply HTML
Header/Footer Headers/Footers Action.
Keywords The Keywords Policy is replaced by the Add Keywords Action.
Liquid Machines This Policy is not implemented in 4.x+
RMS In 4.x+, RMS is an Action that occurs.
Watermark In 4.x+, Watermark is an Action that occurs.

See Apply a watermark to documents classified as restricted on

page 51.

Use Case Guide www.fortra.com page: 244

 Contacting Fortra /

Contacting Fortra
Please contact Fortra for questions or to receive information about Data Classification Suite
for Windows (On-premises).

For additional resources, or to contact Technical Support, visit our website at

https://dataclassification.fortra.com/ or support.fortra.com. You can email Support at
[email protected].

Gather and organize as much information as possible about the problem including job/error
logs, screen shots or anything else to document the issue.

Use Case Guide www.fortra.com page: 245