When a violation of a SysCloud policy occurs, administrators will receive an email similar to the example below:



From this email, click on the name of the document, in this example it's Untitled document. This will bring up the alert page with details about the alert including who owns the document, who they shared it with, why the alert was triggered, and when the violation occurred. There are also options to preview the full document, and take action on the alert.


After previewing the document, it's up the to school administration how to handle the incident. This could mean following up with a student, blocking access to the document, or dismissing it. A list of actions that can be taken on an alert are below, with brief descriptions of what those actions do. The most common actions are in bold, and actions can be changed later on except for Dismiss. When you dismiss a violation, it will not show up again until the violation reoccurs.


Remove Sharing Violation: Unshares a document if it was shared with someone who should not have access

Remove All Sharing: Unshares document with all users except owner

Remove Bulk Sharing: Unshares document with users that were added in bulk

Remove External Domains: Unshares document with users outside of Tritonschools.org

Remove Web Publishing: Unpublishes document to the web

Restore Ownership: Restores a document to its owner if it was blocked

Apply Encryption: Encrypts the document to obscure sensitive data

Request Exception: Put in a request with SysCloud to no longer trigger violations on that document

Add Star: Marks document as important for later review

Dismiss: Dismisses this violation for this document (Useful if students are just messing around and trigger an alert)

Mark as False Positive: Marks the document as a false positive for this policy, this will help the algorithm recognize later false positives. Useful for school papers or projects that trigger alerts.

Mark as True Positive: Marks the document as a true violation, helps algorithm detect later violations with more certainty.

Take Control From Owner: Transfers ownership of the document to your account

Remove all access and quarantine: Removes all owners from the account and quarantines the document. Document will only be accessible by IT admins.