Help Center
Quick Start
- Overview
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
File Auditing
- About File Auditing
- Domain configuration
- File server configuration
- Failover cluster configuration
- NetApp server configuration
- Workgroup configuration
Setting up File Audit
Dashboard
Reports
Alerts
Configuration
Storage Configuration
File Analysis
- About File Analysis
Setting up File Analysis
Dashboard
Reports
Alerts
Configuration
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
Dashboard
Reports
Ownership analysis
Configuration
Endpoint DLP
- About Endpoint DLP
Setting up Endpoint DLP
Reports
Alerts
Prevention policies
Configuration
Cloud Protection
- About Cloud Protection
- Gateway Server Configuration
- Certificate Authority Configuration
- Gateway Configuration in Endpoint
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Gateway Server Failover
- Two-way SSL configuration
- Global Insight
- Application Insight
- User Insight
- Shadow Application Insight
- Banned Application Insight
- Cloud Access Reports
- Application Insights
- Shadow Cloud Application Reports
- Banned Cloud Application Reports
- File Upload Reports
- Cloud App Discovery
Setting up Cloud Protection
Dashboard
Reports
Storage Configuration
Administrative settings
- Technician configuration
- Notification filters
- Manage agent
- Agent settings
- SIEM integration
- Business hours configuration
- Two-factor authentication
- Workgroup configuration
- Security policy
Email configuration
General settings
- Connection
- Personalize
- DataSecurity Plus Server
- Privacy Settings
- Disk utilization
- Schedule Retention Policy
Policy Configuration
Release notes
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
Troubleshooting
- HTTP communication failure
- Dormant DataEngine
- Secure Gateway server failure
- RPC communication failure
- Known issues and limitations
- Known errors and solutions
Guides
- Agent document
- How to Migrate/Move DataSecurity Plus
- How to apply SSL certificate
- How to automate DataSecurity Plus database backup
- How to set alerts in DataSecurity Plus
Data risk assessment reports
ManageEngine DataSecurity Plus generates reports on instances of sensitive data in data stores with details on the type of data, location, and more.
To view reports on this located sensitive data, follow these steps:
- Select Risk Analysis from the applications drop-down.
- Go to Reports > Record Details. Click the report entry you wish to view.
Available reports
Three reports are offered:
- All Records: Lists all files matching the data discovery criteria. You can click each record to view further sensitive data insights.
- Alert Records: Lists all the files that match configured alert criteria.
- Source-type Records: Lists all the sensitive data occurrences based on the data sources where they were found.
All Records
The All Records report contains the complete list of sensitive data instances found in configured data sources. The default view is a summary of the list of files containing sensitive data, with underlying insights on the sensitive data occurrences.
Follow the steps below to view which type of sensitive data was detected along with its number of occurrences and the data risk score of the file:
- In the All Records page (Risk Analysis > Reports), click the record for which you wish to view granular details.
- Set the Data Confidence Level to High for the highest possible data accuracy. Set it to Any to display occurrences with all data accuracy levels.
Note: Data Confidence Level is a filtering functionality available inside the Sensitive Data Analysis page within the All Records report. It is a measure of the reliability of the sensitive data found. If the confidence level is set to Low, data occurrences all confidence levels will be displayed in the report and if it is set to Medium, only those records with high and medium confidence levels will be reported.
In addition to the report filter, you can configure the confidence level for data discovery scans using the steps listed on the general settings help page.
Filtering discovery scan reports
You can examine data records using one or a combination of different filters. Currently the following filters are available in DataSecurity Plus:
Filter | Description |
Policy | Displays records based on data discovery policies. |
File Name | Displays records based on file names. |
Location | Displays records based on file locations. |
File Type | Displays records based on file types. |
File Owner | Displays records based on Active Directory user names. |
No. Of Occurrences | Displays records according to the number of times sensitive data has occurred in a file. |
Risk Score | Displays records based on risk scores. Files with higher scores indicate greater risk. |
Rule | Displays records based on data discovery rules. |
Confidence Level | Displays records based on the reliability of sensitive data detected. There are 3 levels — High, Medium, or Low. |
Managing files discovered in scans
DataSecurity Plus allows users with admin role to move or delete files containing sensitive data as a risk mitigation action.
Follow the steps below to move or delete files directly from the report interface:
- Once you've selected the record you want to view, the Sensitive Data Analysis page opens to display file properties and sensitive data occurrences for the selected confidence level.
- Users with the admin role can use:
- The Move option and specify the destination folder path to which you want to move the file. This response action supports only the UNC format \\MachineName\Share\Folder\
- The Delete option to permanently delete the file from the server where it is located. Note that files deleted via the interface are permanently deleted and cannot be retrieved.
Move or delete actions performed will be recorded in technician audit logs. To view the records:
- Select Admin Console from the application drop-down.
- Go to Administrative Settings > Technicians.
- Click View against an admin's name to see all actions of that admin.
Note: Ensure that the Domain User or the service account used for configuring the domain has admin privileges or at least modify access to the source and destination folders to move a file successfully.
Alert records
The Alert Records report includes all instances of sensitive data whose identification triggered a configured response.
You can configure new alert profiles or edit existing profiles by following the steps listed in the data discovery alerts help page.
Discovered sensitive data is cross-verified with the conditions in the configured alert profiles, and if they match, an email alert is triggered and the details are recorded in the Alert Records report. In the report, you can find further details such as policy matched, file type, the file's risk score, and more for each alert.
Source-type records
Each report under the Source-type records report contains the sensitive data instances in a particular data source, such as Windows file servers.
To add new Windows file servers, follow the steps listed here.
To add new MS SQL Servers, follow the steps listed here.