Managing Metadata

As an administrator, you can manage metadata to provide additional information about files and folders in FileCloud and to use the information when performing actions on them. FileCloud includes built-in metadata sets that include information such as image properties, file create dates, and metadata tags from other applications. FileCloud also allows you to build any number of custom metadata sets.

Metadata for governance and other system processes

Metadata serves an important role in the functioning of many processes in FileCloud, including compliance, data leak prevention (DLP), retention policies, and workflows. You can configure these processes to look for files and folders with certain metadata values and then act on matching files and folders accordingly.  

The following diagram shows you how metadata is applied and used in FileCloud. First, create your metadata, if necessary. FileCloud includes built-in metadata, but for some purposes, such as identifying confidential or secure information, you must create custom metadata. After your custom metadata is created, Smart Classification automatically applies the correct metadata to files and folders. In addition, users can apply metadata manually.

After files and folders are marked with metadata, the DLP, retention, and workflow sub-systems of FileCloud use metadata to identify content to act on. Some examples are described below the diagram.

Once the necessary metadata, DLP rules, and retention policies have been configured, compliance standards can be met.

Here are some examples of the way the different sub-systems in FileCloud can use metadata:

  • DLP: If a file's Confidential metadata attribute is equal to Yes, DLP prevents it from being shared externally.
  • Retention policies: If a file's Sensitivity Label attribute is equal to general, then a retention policy of 3 years is applied to it.
  • Workflows: If a file's Modified attribute is equal to a date over 3 months ago, then a workflow sends an email to the email address in Last Modified By

Here are some examples of the way compliance rules are met by metadata:

  • The HIPAA section of the Compliance Center requires that your system include metadata that identifies PHI data.
  • The ITAR section requires your system to use content classification to apply metadata tags to defense and technical articles, and then use DLP to block public sharing of the tagged articles.

Example of the process:  In a medical facility's system, a new file is uploaded. Smart Classification searches its contents for the string Medical Record Number. It finds the string and applies the PHI metadata tag to the file. When an external user attempts to upload the file, a DLP rule identifies the PHI metadata tag, and therefore, does not allow the upload. In 2 weeks, a user attempts to delete the file, but a 6-year retention policy identifies the PHI metadata tag, and does not allow the file to be deleted.

Metadata for users

Metadata is also useful to your users, who can view the information it provides about files and folders in the Metadata tab in the side panel of the user portal. In the Metadata tab, users can view the metadata applied to a file or folder, and depending on their permissions, can add and change metadata.

Users can also search on metadata and apply color tag metadata to files and folders for categorization and identification purposes.

In this section