FastStart Implementation Guide › About FastStart › CA Data Protection Terminology

CA Data Protection Terminology

This guide uses the following terms:

Events

Any information analyzed by CA Data Protection is an event. Events include emails, files, web pages, and IM conversations.

Incidents

An incident is the result of a policy trigger firing. For example, an email that contains unauthorized information becomes an incident if it triggers a blocking or warning.

Likewise, if CA Data Protection detects an email that triggers three separate policies, three separate incidents are stored in the CMS database. All three are associated with the same event.

Channels

These refer to communication channels, such as email, webmail, web pages, FTP file transfers, IM conversation, and messages posted to news groups.

Class and Policy

CA Data Protection uses these terms:

• A class defines a group of related policies or policies designed to detect similar types of user communication. Example classes include Non Public Information (NPI) and Intellectual Property (IP).
• Individual policies are based on triggers in the user policy, plus other key settings such as document classifications. However, you must edit these standard policies in the iConsole.

  Example NPI policies include Sales Information and Mergers and Acquisitions. Example IP policies include Confidential Trade Data and Proprietary Software Code.

The available classes and policies are defined in the CMS database.

Impact

In CA Data Protection terms, impact bands (High, Medium and Low) refer to ranges of severity scores:

High impact

This refers to incidents with a severity score of 201 or higher.

Medium impact

This refers to incidents with a severity score of 101 to 200.

Low impact

This refers to incidents with a severity score of 1 to 100.