Data Loss Prevention Scans
- Click 'Security Sub-systems' > 'Data Loss Prevention'
DLP scans let you search managed endpoints for sensitive data like card numbers, social security numbers and bank account numbers.
- You first create the discovery scan rules at ‘Configuration Templates’ > ‘Data Loss Prevention’
- You then add a ‘Data Loss Prevention’ section to a profile:
'Security Sub-systems' > 'Data Loss Prevention' lets you view the results of those scans:
- Click ‘Configuration Templates’ > ‘Profiles’ > click on the name of a Windows profile
- Click ‘Add Profile Section’ > ‘Data Loss Prevention’
- Click the ‘Add’ button, then add the discovery rules you created in step 1.
- Save the profile. The scan will run on all devices on which the profile is active.
The area lets you:
- View devices on which DLP scans are active
- Manually run DLP scans on selected devices
- View log files that contain sensitive information
- View files quarantined by the DLP system on endpoints
Click the following links for help with each tab:
- Click 'Security Sub-systems' > 'Data Loss Prevention'
- Select the 'Device List' tab
- The interface shows devices on which DLP scans are active:
Column Heading |
Description |
---|---|
Name |
The label of the device on which the scan was run.
|
Logged in User |
The name of the user currently signed-in to the device. The username is prefixed with the active directory (AD) domain or workgroup to which the user belongs:
|
Rule Name |
The DLP rule under which the last scan was run.
|
Rule State |
The status of the last scan. The possible values are:
|
Scan Date |
Date and time of the last scan. |
Details |
View files containing sensitive information that were found on the device.
|
Controls |
|
Action on Endpoint |
Run a manual scan on selected devices. See Run DLP Scans for more details. |
- Select your target devices
- Click 'Action on Endpoint' > 'Run all discoveries':
- The scan command is sent to the selected devices
- Click the 'Details' link when the scan finishes to view files containing sensitive information
- See DLP Logs to read more about the scan results.