Identify, track, and analyze sensitive data in files, folders, and shares. Data collected under this module can be viewed in form of graphs or as tabular reports. Customizable data discovery policies; Configure or edit preconfigured policies to scan file servers and identify personal data.
Configure risk assessment-
The configuration tab of the risk assessment module, allows you to configure policies to find occurences of personal data in files.
To configure policies and rules-
Navigate to Risk Assessment tab --> Configuration --> Policy and click on the "Add Policy" button.
In the page that appears, fill in the basic details and add the inclusion and/or exclusion rules.
A policy is a set of various inclusion and exclusion rules. The GDPR Policy has been configured by default.
These rules can also be configured under the "Rules" page. New rules can be added to meet the needs or the existing ones can be modified.
Rules are the parameters that define the criteria for sensitive data. By default, rules ranging from identification numbers of various countries to their other important details have been configured.
An inclusion rule is the basis on which any given file will be considered as a carrier of sensitive information. Similarly, when an exclusion rule is defined, it means that a file containing any of the configured exclusion rules, will not be considered as sensitive data. i.e, when a file contains data characterized by any one of the exclusion rules, it will not be validated any further to check the presence of other sensitive data.
Schedule Configuration -
To gain an insight into number instances of personal data in files, configure a schedule which will scan through the list of selected shares and look for violations of selected policies.
To configure a schedule, go to the "Schedule" Page and click "Add Schedule". On the same page, select the policies, shares and frequency.
At the end of a schedule, its results can be seen in the Dashboard and Reports page.
An exclusion time can also be configured for convenience. This exclusion schedule will ensure that no schedule runs at this time. If a schedule is configured, and continues to run till the exclusion time, it will be paused for the configured duration and will resume after it ends.
An exclusion time frame makes sure that there is no overhead on the servers during peak hours, so that normal functioning of the server may continue.
To configure an exclusion time frame, click on "Add Schedule Exclusion Timing", choose the frequence & time, then click on add. More than one exclusion time frames can be added.