This involves a number of post-deployment tasks, before you deploy CA DLP across your organization, and also routine maintenance of your user accounts to reflect changing business needs.
Finally, you also need a strategy for creating and managing other administrators, and ensuring that the extent of their administrative authority is sufficient and appropriate.
Before rolling out CA DLP across your organization, you must determine how it handles new users: can new users enroll themselves, or are new accounts created solely by administrators? Or do you want to import user details into CA DLP from an existing source such as your Microsoft Exchange server. You must also define an appropriate default policy for new users. This policy will be fairly restrictive to ensure that new users adhere to your corporate guidelines governing acceptable Web and e-mail usage.
These issues are fully described in the Deployment Guide; see chapter 3, Before you start using CA DLP.
Your hierarchy of users and groups will require routine maintenance. In particular, you may occasionally need to reorganize or create new user groups to cater for users with particular policy requirements. This allows fast and selective rollout of policy changes. For example, you may decide to group together all users who are in constant e-mail contact with customers. This allows you to configure the group policy to capture maximum business intelligence from this e-mail correspondence.
To share the administrative workload, you can promote ordinary users into administrators or managers by granting them administrative privileges. You can limit the scope of their administrative authority by withholding specific privileges and controlling which groups they can manage.
|
Copyright © 2012 CA.
All rights reserved.
|
|