GEODI Classifier consists of is a set of tools for manual and automatic classification. Part of this tool is installed as a GEODI module, with separate client installation for Desktop and Office pluginsThis page is about configuring central management of the tools.

Classifier Module Configuration

You can access the Classification Module interfaces from Use “Activate Classification Tools” on the last page of the Project Wizard . To be able to use ready-made class, label, panel and rule definitions, you must start by choosing a template.

There is no need to have data in the project(s) you will use for classification. Being different from the projects you use for data exploration or Search provides flexibility for system administration.

...

Classes/Values

In this tab to open the management dialog. The classes, rules, header, footer, and watermark grans are all set here. There are ready project templates; we suggest you start with one to have ready-to-use settings.

As a best practice, create a separate project for classification other than search and/or discovery. The project for classification does not need to have data.

Image Added

Classes

In this tab, we will define the class labels, their rules, and their appearance in plugins (Microsoft office Office, others). Classes should be created with the most important at the top.

• ID: You must give a unique value for the class.

• Name: The text of the class that you want to appear in the interfaces.

• Category: You can create a classification tree by giving different categories. It is useful if you have many classes. By default, it can be empty.

• Description: With the description, you write down what you need to know about the class. This text will be a guideline for the users of the plugins. Descriptions will be displayed in the classification interface of the users.

• Query: GEODI Query Rules are valid. Documents that match the query will automatically receive take the corresponding class. GEODI recognizers will provide valuable information for automatic classification. Thanks to the semantic features of GEODI, for example, you can use a query such as layer: "TRID" with the phrase "TR Identity Number". Tags: Query Rules are valid. There are predefined queries (predefined:ClassPII, predefined:ClassSecret,...) to help you use the same queries in classes, panels, and other places. This is a good way to simplify configuration and management:

• Tags: Tags are the key and value pairs to write In MS Word, PDF or other attachments, the final tag value of the class should be given. Different DLP solutions may require different definitions. For example, Forcepoint expects an XML schema. The structure is designed to meet different DLP needs. There are a few variables when creating tags. Theese are;

  • %User%: Computer name / email sender / login account information in GEODI,

  • %Ver%: Version information of the classifier,

  • %Date%: Date information in yyyy-mm-dd format,

  • %Date-epoch%: Number of seconds that have elapsed since January 1, 1970,

  • %Date-UTC%: UTC time information,

These variables are case sensitive, should be used as written above.

Warning: If variables are used on all values, the class discovery feature will be corrupted. At least one value must be constant. For example, the ID information in the tag can be used as a constant, another information can be used as a variable.

• Header, Footer and Watermark values are only valid for MS Office software and allow you to specify the text and styles that will appear if the relevant class is selected.

• %User% should be used in the Tag to display the name information of the user making the classification on the tags. When used, the tagging person's name is displayed.

For multiple lines of text you can use \r or \

, or ADS files. If you plan to switch to GEODI from another classification solution, GEODI adapts the existing schema. The transition will be seamless. Please check GEODI Classifier Label/Tag Definitions

• Header, Footer, and Watermark values are valid only for MS Office software. If the user chooses this class, the text will be embedded into the document.

  • You may use %User% to have a user name in the values.

  • You can use \n to move to the next line for multiple lines of text. For example “HizmeteÖzel\rOfficial”. Single use only moves to the next line. If moving to the next line is not enough and you need to add a line space, you can also use multiple uses such as \r\r, \n\n or \r\n.

• If the class selected from the left buttons in the drop-down menu on the GEODI Classifier Settins screen does not match any class, the red marked class is given. You can use the marked class for any class you want.

...

Plugin Settings

GEODI Classifier add-ins are components that run in MS Word, Excel, Windows Shell or Exchange Server. These components work together with the GEODI server. The distribution of settings is centralized. The following settings determine the behavior of the add-ins.

AutoClassification Behavior: With this option you can select Auto-classification as active/passive or mandatory. If forced, manual classification options are disabled.

...

• • , “Personally\nIdentifialbe\nInformation”.

• Auto classification chooses the last class if the content does not match any other query.

Behaviour

Default Classification rules are set here. These rules are automatically updated for all clients in about 10+ minutes. You may override/change rules by user, group, IP, or classification tools using the “Customize” tab.

Image Added

1. Auto Classify Behaviour: Determines how auto-classification works.

   1. Use as a suggestion → The user may or may not use auto.

   2. Disabled → Automatic classification is off

   3. Do not select the class under auto → Users can not choose classes lower than the auto.

2. Ask Classes on Save: MS Office add-ins open a dialog to choose classes when saving/close or printing. This option determines when the dialog opens.

   1. Show when necessary → If auto-classification is possible or the document already has a class, the dialog does not open.

   2. Always → The dialog opens after each change.

   3. Never - Manuel Only → User can open the dialog manually.

3. Use OS Meta: Microsoft Office, Libre Office, and PDF formats can be tagged with ADS. These tags are only created by the Shell/Desktop classification tool.

4. Allow Class Lowering: Determines if a user can choose a lesser class for an already classified document. This is an important setting and you may override it by user, group, or IP.

5. Classifying internal emails: When the feature is used, if the sending domain address and the target domain address are the same, the email can be sent without asking for classification.

6. Log Format: By default, all classified documents are logged. This log is

...

1. stored on the server side. We can

...

1. deactivate this process or change the logging format.

...

1. The logs are in the same

...

1. location as other GEODI logs.

Use OS Meta: With the Windows right-button plugin you can classify files except MS Office and PDF files with operating NTFS ADS. If the option is off, only Word and PDF documents can be classified.

Allow Class Minimization in Plugins: Classes should be created with the most important at the top. With this option, it is determined whether the user can move a previously classified document to a lower class (such as Top Secret → Confidential).

Classifying internal emails: When the feature is used, when the sent domain address and the destination domain address are the same, mail can be sent without asking for classification.

...

1. Do not use images for Header/Footer: By default, headers and footers are used as images in Excel. If this option is selected, headers and footers will be used as text in Excel.

2. Do not use images for Watermark: By default, the watermark is used as an image in Excel. If the 'Do not use images for Watermark' setting is selected, the watermark will be disabled in Excel.

Customize

With customization, the default rules can be changed based on User, Group, IP, or the application/plugin tool that is being classified.

For example, you can only automatically classify for a certain user group, say that you are authorized to reduce the class or that there is no obligation to classifylimit some groups to only auto-classification and allow some other class-lowering.

Each rule is a customization . You and you can add as many as you want. If the rules cover each other, the last customization is valid for the end userrules overlap then the first rule is valid.

...

Active: You can use customization on/off for end users.

...

Users: The person and group information that will be affected by the customization is written here. More than one person/group can be selected.Applications: The applications that will be affected by the customization are selected. More than one can be selected. If none is selected, the customization applies to all applications.

Automatic Classification, Form Display, OS Meta Usage, Classification in Internal Emails, Class Reduction in Plugins: The behavior here is the same as in the plugin settings. Which one or which ones can be changed if desired to be customized.

Disable Classification: You can disable classification. Sorting will be disabled for the group or app you selected.

Available Classes: You may want some classes to be offered only by certain groups or departments. In this case, you can specify which classes are available for each customization.

Macro: You can create advanced options with a macro. It is possible to create IP -basedor, time-based rules.

Macro Examples

...

You can access the objects that can be used via the link. https://service.decesoftware.com/api

Interface Texts

Interface texts determine the appearance of some buttons and messages within plugins.

Auto Button

Applications: The applications that will be affected by the customization are selected. More than one can be selected. If none is selected, the customization applies to all applications.

Auto Classify Behaviour, Ask Classes on Save, OS Meta , Classifying internal emails , Allow Class Lowering : Choose the settings you want to customize/override.

Disable Classification: You can disable classification for selected users, groups, or IPs.

Available Classes: You may want some classes to be offered only by certain groups or departments. In this case, you can specify which classes are available for each customization.

Pop-Up Texts Settings

Use the terminology by your preferences.

...

Auto Button Text : This is the name of the automatic button in the classification interface.

Category: It is used to add adds a general title to the left side of the upper category classes in the Popopen pop-Up up interface that opens.

Subcategory: It is used to add titles to the left side of Subcategory classes in the Popopen pop-Up up interface that opens. If the category name in the class definitions is to be used as the title, "Use Class Category" must be checked. If These fields should be left blank if the categorical structure is not used, these fields should be left blank.

Form Title: The dialog's title that opens during saving/printing for MS office Office can be changed.

Description: Description can be added/changed to the dialog opened during saving/printing for MS officeOffice.

Class Not Selected Message: Message to be displayed on the dialog opened during saving/closing/printing for MS office Office if the class is not selected for the document.

OK Button: The text of the OK button on the dialog opened during saving/closing/printing for MS office Office can be changed.

Unknown Class Not DefinedText : The class indicating that the document that will appear in unclassified documents is unclassified.

Top Bg, Text Color, Bottom Color: It is used to change changes the color combinations on the pop-up window in the GEODI Classifier Add-In screen. It works in our default colors when it receives an incorrect or missing value.

Class Not Defined Icon: Icon The icon of the class indicating that the document to appear in unclassified documents is unclassified.

...

Installation

...

Setup

The software automatically generates the token and MSI parameters required for installation are automatically generated by the software. Please refer to the client or pages and OWA installation page for details.

...

Troubleshooting

...

Clients will be updated in about 10 minutes when Classifier settings are changed in the GEODI interface.

...

If office add-ons or Desktop Classification is not active

• Check that the client installation is complete

• Must have access to the GEODI server

• GEODI Token validity must be checked

...

Installation can be performed in an environment without internet / in cases where GEODI cannot be reached. When a connection to GEODI is established, the Classifier plugin is automatically activated.

...

ADS is used for classification in other file types except MS Office and PDF files. In a classified file, it is written whether the classes are preserved or not as a result of the following operations.

• The name of the file has been changed (Class Preserved).

• File extension changed. txt → log - mp4 → avi (Class Preserved)

• The file was copied to another computer without GEODI Classifier and checked (Class Preserved)

• File copied over RDP connection (Class Not Preserved)

• Classified uploaded to wetransfere and downloaded. (Class Not Preserved)

• The file has been classified. Compressed as rar/zip and extracted. (Class Not Preserved)

...

In case there is no access to the GEODI server, manual classification can be used. You can use other classes except automatic classification through the last meta in communication with GEODI.

• When connected to the GEODI server, the operations performed are logged.

• In Shell classification, if it is not connected to the server, the automatic option is not available.

• In the Office plugin, if the server is not reachable, "automatic (offline)" is displayed.

• Changes made (adding a class) or falling off the server are checked periodically (5 minutes), not instantly, so as not to slow down your operations. For this reason, the changes made are not instantly reflected on the Add-In and Shell interface.

If a large number of mails are sent for Mail Merge use, when the %AutoClass% statement is added to the document to be classified, it is automatically classified without asking for the class when sending multiple mails.

...

For example, if a mail merge will be made over word, when %AutoClass% is written in the document, the classification is made automatically and the class is not asked for every mailing.

...

Ignoring e-mail signatures

E-mail signatures contain the sender's PII information. To ignore this, you must either change e-mail server settings or prepare a dictionary.

The E-mail server should add a signature after the classification/or just before sending. The method for exchange is https://learn.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/disclaimers-signatures-footers-or-headersthe link. Your e-mail server may provide different methods. This method solves only the problem only for the first e-mail. In mail chains, signatures are accumulated. A GEODI dictionary method works for all situations.

1. You must have a senders list that contains at least the values used in signatures (name, phone, e-mail, etc.).

2. GEODI can use Excel or a Table as a dictionary. You must generate the signature using Excel formula or SQL. Please check the attached sample Excel. Excel should be updated manually.

3. Add this dictionary to the discoveries list for the classification project.

4. That is all.

5. The method works only if the dictionary and mail signatures match exactly. So before release, we suggest running a few tests for sample senders.

6. This dictionary can also be used for e-mail discovery to avoid signatures recognized as PII for old emails.

7. Sender’s actual PII data, in e-mail body, contracts, medical records, etc., will still be recognized.

Sample Excel