Using PowerShell you can cause an immediate re-classification of all NTFS and SharePoint data for all of the managed hosts within your environment or on only selected data.

If you have made changes to any existing rules within a taxonomy that will result in changes to how data has been previously classified. You can run this cmdlet to ensure the classification reflects the change.The ability to perform an immediate re-classification is important for manual classification of containers. In cases where classification should be inherited by child resources, the children will need to be re-processed to have this inherited classification applied.

Syntax: Request-QClassification <ServerAddress> [ManagedHostId] [Folder]

To force a re-classification of your data using PowerShell

1. Run the Request-QClassification cmdlet with the following parameters:
2. 1. ServerAddress (Required parameter)
      Provide the name of the computer hosting the Data Governance server, and the port. Enter in the form computername:port number. The default port is 8723.
   2. ManagedHostid (Optional parameter)
      Provide the ID of the required managed host. If not specified, all managed hosts enterprise-wide will be re-classified.
   3. Folder (Optional parameter)
      Specify the required folder to scan.

Examples:

To re-classify all recognized data on the managed hosts in your environment, enter only the server address: Request-QClassification “server.address.com:8723”.

To re-classify all recognized data on a specific managed host, specify the host ID but not a specific folder: Request-QClassification “server.address.com:8723” “92c17163-a883-4037-a4f6-3735cfeae732”.

To re-classify the contents of a specific folder, on a specific managed host, enter all the parameters: Request-QClassification “server.address.com:8723” “92c17163-a883-4037-a4f6-3735cfeae732” “C:\ImportantDocuments”.

The following application roles are specifically for Classification functionality. They are to be used in conjunction with Quest One Identity Manager and Data Governance specific application roles. For details on applying application roles, see the Quest One Identity Manager Getting Started Guide and Data Governance Edition User Guide.

Administrators

Employees assigned this role are responsible for the care and maintenance of the Data Governance Edition deployment including the Classification services. This Employee uses the administration tools (Manager/Identity Manager) to ensure the Business Owners, Classification Analyst, and Compliance Officers have access to all required information through the web portal.

They are primarily responsible for the deployment of the managed hosts, managed domains, service accounts, Classification Servers, and Classification Workers.

Members of this role can:

• Manage the Classification infrastructure and services using the Manager.
• Configure the file extensions that will be classified by the automated system.
• View taxonomy structures and category properties.
• Modify taxonomy structures, as well as any category properties.
• See classifications of all resources, regardless of ownership.
• Manage the classifications of any resource, regardless of ownership.
• Manage the automated classification and categorizations, including rules and category associations.
• Run what-if commands and categorization analysis features using PowerShell commands.

Classification Analyst

Employees assigned this role are responsible for implementing classification, taxonomies, and rules and to manage the automated system as designed by the business. This employee uses the web portal to modify rules, troubleshoot categorizations, view classified resources across the entire deployment, and manage taxonomies.

Members of this role can:

• Configure file extensions that will be classified by the automated system using the web portal.
• View all taxonomy structures and category properties and settings being used by the system.
• Modify taxonomy structures and category properties.
• View all classifications of all resources in the system, regardless of ownership.
• Manage the classifications of any resource regardless of ownership.
• Manage the automated classification and categorization, including rules and category associations.
• Run what-if commands and categorization analysis features.

Compliance and Security Officer

Employees assigned this role are responsible for over seeing the Classification deployment and ensuring security requirements are met as defined by the organization. They are responsible for reviewing classified resources across the system regardless of ownership.

Members of this role can:

• View all taxonomy structures and category properties and settings through the web portal.
• View all classifications of all resources in the system, regardless of ownership.

Business Owner

Employees assigned this role are responsible, through the web portal, for managing and attesting to the classification of resources that they own.

Members of this role can:

• Manage the classifications of their owned resources.Read all classifications on their owned resources.

To assign application roles

1. In the Quest One Identity Manager Navigation view, select Employees.
2. In the Results list, select the required employee.
3. In the Task view, select Assign Identity Manager application roles.
4. Apply the required application role, and save your changes.

Contents

• An Overview of Classification Configuration
• Steps Required to Implement Classification
• Creating Taxonomies
• Setting Up Manual Categorization
• Implementing Rules for Automated Categorization
• Classifying Resources
• When Do Categorization and Classification Occur?
• Importing and Exporting Taxonomies
• Working with a Taxonomy XML File
• Managing the Life Cycle of Taxonomies and Categories
• Advanced Rule Applications

Categorization is intended to provide information about your data that can help you better understand the state of your environment, and secure information based on an understanding of a resource’s content. The end result of classification is a relationship between a resource and a particular category. In order for categorization to have value in your organization, the category must tell you something specific about the resource, and you must have confidence that system is applying these categories accurately.

By working with the components of the classification system, and using a combination of automatically and manually applied categories, you can refine the system. The following outlines the components of the system and other necessary concepts: