Some Aware applications can potentially surface highly sensitive data. Understanding data sensitivity levels of each application and their impact on your collaboration platform data will help you determine permissions for your Aware users.
Data Sensitivity: Sensitive data can be defined as information that must be protected against unauthorized disclosure, including PII (Personally identifiable information), PHI (Protected health information), confidential projects, and more. Data Sensitivity should be considered when granting permissions to high data sensitive applications or Policies that have the potential to surface highly sensitive content.
Impact: Actions taken within specific Aware applications can have low to high impact on your collaboration data, within both the collaboration platform and the Aware Intelligent Data Fabric Some actions are permanent and cannot be undone. Impact should be considered when granting permissions to high impact applications.
Note: Aware Administrators have access to all applications and Aware system settings.
Aware User Permissions can be set by the admin for an individual Aware user, and/or an individual Signal Policy level.
Below is an outline of each application, it's Data Sensitivity and Impact, and typical use cases by persona. Use this information as a guide when granting permissions to your Aware users.
- SPOTLIGHT: High Data Sensitivity/Low Impact
Spotlight provides conversation insights. Understand the health and sentiment of your digital community/workspace over time, allowing you to make effective decisions faster. Typically used by HR, Communications, Workplace owners, Employee Engagement teams, etc.- Internal Communications and/or Marketing: Understand trends in conversation sentiment or health at the community level. Gain a deeper understanding of where and how conversations transpire. Pin groups to easily watch activity in key groups. Identify areas needing high touch moderation or engagement.
- Human Resources: Identify negative trends in mood, attitude, or conversation health to get ahead of any potential HR violations before they become a larger issue. Surface behavior anomalies at the community or group level.
- SIGNAL: High Data Sensitivity/Low Impact
Near real-time Signal for DLP, capture the voice of the employee or identify conversation around external events. Typically used by HR, Communications, IT, Legal (permissions can be created around specific Policies)- Legal & Compliance: Identify and respond to violations of industry regulations such as PCI, HIPAA or FINRA in public or private communication areas.
- Human Resources: Identify and respond to a harassment, discrimination, or bullying incident before a legal or PR nightmare materializes.
- Info Security: Leverage policy engine to identify incidents of insider threats regardless of malicious or negligent intent.
- SEARCH & DISCOVER: High Data Sensitivity/Medium Impact
eDiscovery capability. Build a searchable intelligent data fabric of your community’s collaboration content and its corresponding context, as well as any edits or deletions. Typically used by Legal & Compliance, eDiscovery, IT.
- Legal & Compliance: Carry-out early case assessment and eDiscovery processes using advanced filtering to search and export historical user data, as well as the surrounding conversation context.
- Info Security: Investigate incidents of file and sensitive content shares and corresponding context in public or private conversation areas.
- Human Resources: Investigate the context of a Signal incident, such as a sexual harassment or discrimination incident. Export employee's historic content and context to better inform next steps or escalation.
- DATA HOLD: Medium Data Sensitivity/High Impact
Employee legal hold capability. Create and release legal holds by content author. Only applicable if you have Retention in place. Typically used by Legal & Compliance, eDiscovery, IT.
- Legal & Compliance: Preserve specified employee conversation data—along with its corresponding context—for early case assessment and eDiscovery workflows.
- Compliance: Adhere to industry regulations by preserving content of interest from deletion due to retention policies.
- RETENTION: Low Data Sensitivity/High Impact
Apply records retention policies and permanently purge select content from the collaboration platform and the Aware Intelligent Data Fabric. Many customers collaborate with Legal and Info Security to determine retention policies and then the Aware policy is implemented by the Aware Administrator.
- Legal & Compliance: Reduce your liability of litigation by systematically purging stored conversation data from your collaboration platform
- Info Security: Reduce your risk of breach by systematically purging stored conversation data from your collaboration platform
- USER DATA REMOVAL: Low Data Sensitivity/High Impact
Permanent Employee content deletion for GDPR/CCPA compliance. Typically used by Legal & Compliance, eDiscovery, or IT.
- Legal & Compliance: Satisfy an employee’s ‘Right to be Forgotten’ as outlined in the GDPR. This is especially needed for Data Protection Officers (DPO).
- Human Resources: Remove former employee chat while preserving valuable public and private group content.
