Automated Actions

This section describes the various actions that Nightfall takes automatically when a violation is detected. You must turn on the toggle switch to enable an action. The automated action is permanent and cannot be reversed once applied. You can also use the delayed remediation feature to set the timeline as to when an action must be taken. You can either choose to apply the automated action immediately after detecting a violation or after some time.

The various automated actions are described as follows.

  • Delete: This action deletes any attachments or field data in the Salesforce that contains sensitive information. You can turn on the toggle switch to enable this action. You must also select the timeline as to when this action must be taken after a policy violation is detected.

Note: How Delete Action Works for Files in Nightfall DLP for Salesforce

When you create a new Salesforce file it is considered to be the first version of the file. Every time you edit the file, Salesforce creates a new version of the file that has the latest changes. All the previous versions of the file are also stored by Salesforce. When Nightfall detects sensitive data in a file, Nightfall overwrites the file and uploads a text file that contains a message on why your file was replaced by the text file. You can contact your Salesforce admin to provide you with the previous version of the file that contains sensitive data.

  • Nightfall does not delete the file containing sensitive data because the delete action will delete all the versions of the file.

  • The Delete action is not supported for the Salesforce Email object.

Redact: This action redacts all the sensitive information found in Salesforce that is monitored by this policy. You can turn on the toggle switch to enable this action.

You must also select the timeline as to when this action must be taken after a policy violation is detected. You can either choose to take the action immediately after detecting a violation or after a few minutes, hours, or days.

Conflict Management in Automated Actions

Conflicts can arise in two main scenarios:

  • Both the automated actions are configured in a single policy.

  • Multiple policies with different automated actions were violated simultaneously within the same file, message or record.

When conflicts occur, Nightfall implements the most severe automated action. The priority order to manage conflicts in Salesforce is as follows.

  • Delete

  • Redact

Nightfall implements the Delete action to resolve the conflict.

PreviousDetection RulesNextReview Configurations

Last updated

Was this helpful?