FastStart Implementation Guide › About FastStart › CA DataMinder Terminology

CA DataMinder Terminology

This guide uses the following terms:

Events

Any information analyzed by CA DataMinder is an event. Events include emails, files, web pages, and IM conversations.

Incidents

An incident is the result of a policy trigger firing. For example, an email that contains unauthorized information becomes an incident if it triggers a blocking or warning.

Likewise, if CA DataMinder detects an email that triggers three separate policies, three separate incidents are stored in the CMS database. All three are associated with the same event.

Channels

These refer to communication channels, such as email, webmail, web pages, FTP file transfers, IM conversation, and messages posted to news groups.

Class and Policy

CA DataMinder uses these terms:

• A class defines a group of related policies or policies designed to detect similar types of user communication. Example classes include Non Public Information (NPI) and Intellectual Property (IP).
• Individual policies are based on triggers in the user policy, plus other key settings such as document classifications. However, you must edit these standard policies in the iConsole.

  Example NPI policies include Sales Information and Mergers and Acquisitions. Example IP policies include Confidential Trade Data and Proprietary Software Code.

The available classes and policies are defined in the CMS database.

Impact

In CA DataMinder terms, impact bands (High, Medium and Low) refer to ranges of severity scores:

High impact

This refers to incidents with a severity score of 201 or higher.

Medium impact

This refers to incidents with a severity score of 101 to 200.

Low impact

This refers to incidents with a severity score of 1 to 100.