About recommending permission changes

Data Insight lets you combine the activity data from the audit logs with information about permissions on a path to recommend permission changes. You can use the audit logs to identify inactive users and recommend revoking access rights from users and groups that have no activity on a path.

Data Insight can recommend that a user be removed from a group, or a group be denied permission on a path, if the user or group is inactive on the path for the selected time period. However, Data Insight does not provide recommendations to modify well-known groups such as Everyone or Administrators.

Data Insight recommends that a user's permission be revoked if the user is inactive on a path. A user can be inactive on a path for multiple reasons. They are as follows:

A group can be considered inactive if it inherits permissions on a path as a part of another group which has activity on that path, but the group itself does not have any activity on the path.

The permission change recommendations help you evaluate the integrity of the assigned permissions. You can monitor the permissions of inactive users to eliminate access risk, lock down open access, and implement recommendations by modifying security groups.

The permission recommendations are calculated after considering the effective permissions for a user or a path, which include share-level permissions.
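The following Python sketch illustrates the inactivity rules described above. It is an added example, not Data Insight code or its actual algorithm. The data shapes, the action names (`deny_group`, `remove_user_from_group`, `revoke_user`), and the sample path, users and groups are all assumptions; share-level permissions are not modeled, and activity on a sub-path is assumed to count as activity on the path.

```python
from datetime import datetime, timedelta

WELL_KNOWN = {"Everyone", "Administrators"}  # never modified, per the page

def expand(group, members, seen=None):
    """All users reachable from a group through nesting (cycle-safe)."""
    seen = {group} if seen is None else seen
    users = set()
    for m in members.get(group, []):
        if m not in members:
            users.add(m)                      # m is a user
        elif m not in seen:
            seen.add(m)
            users |= expand(m, members, seen)
    return users

def recommend(path, acl, members, events, now, window_days):
    """acl: principals granted on path; members: group -> direct members;
    events: (user, path, timestamp) audit records. All shapes are assumed."""
    cutoff = now - timedelta(days=window_days)
    prefix = path.rstrip("\\") + "\\"
    active = {u for u, p, ts in events
              if ts >= cutoff and (p == path or p.startswith(prefix))}
    recs, reviewed = [], set()
    def review(group):
        if group in WELL_KNOWN or group in reviewed:
            return
        reviewed.add(group)
        if not expand(group, members) & active:
            recs.append(("deny_group", group))   # nobody in it is active
            return
        for m in members[group]:
            if m in members:
                review(m)        # nested group judged on its own activity
            elif m not in active:
                recs.append(("remove_user_from_group", m, group))
    for principal in acl:
        if principal in members:
            review(principal)
        elif principal not in WELL_KNOWN and principal not in active:
            recs.append(("revoke_user", principal))
    return recs

# Constructed sample data (hypothetical share, users and groups)
NOW, PATH = datetime(2024, 6, 1), r"\\fs01\finance"
MEMBERS = {"Finance": ["alice", "bob", "Contractors"],
           "Contractors": ["carol", "dave"]}
EVENTS = [("alice", PATH + r"\q1.xlsx", NOW - timedelta(days=10)),
          ("carol", PATH, NOW - timedelta(days=400))]
ACL = ["Finance", "Everyone", "erin"]
print(recommend(PATH, ACL, MEMBERS, EVENTS, NOW, 180))
```

In the sample, `Contractors` inherits access through `Finance`, which is active because of `alice`, but no member of `Contractors` has activity inside the window, so the nested group is flagged on its own.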

You can configure the settings required to implement the recommendations. For more information on configuring the permission remediation settings, see the Symantec Data Insight Administrator's Guide.