This introduces the use of Data Discovery which is an available feature of Apex One Data Loss Prevention (DLP).
The desired DLP template to be used should be ready before creating a Data Discovery policy. Follow the steps provided in the Online Help Guide.
To create a Data Discovery Policy:
- Log in to the Apex Central or Apex One as a Service console.
- Go to Policies > Policy Management.
- Change the product to Apex One Data Loss Prevention.
- Enter a policy name and select the machines where the policy will be deployed to.
- Select Apex One Data Discovery.
- Click Add.
- Enter a Rule name and tick "Enable this rule".
- Specify the path and specific file extensions to be scanned.
- The file location is optional. Leaving it blank will scan the entire machine.
- Wild cards are accepted under File Type Exceptions.
- Click the (2) Template tab and select the associated template to be scanned, and then click add and ensure that this is listed under Selected Templates.
- Click the (3) Actions tab and configure Encryption (Trend Micro Endpoint Encryption required) if necessary.
- Click the (4) Schedule tab and set the desired schedule for the Data Discovery Scan to be performed.
- Click Save.
- Back in the Policy Management page, tick "Enable Data Discovery" and ensure that the rule is enabled.
- Click Deploy.
- Wait for the policy to be deployed and observe any entries after the specified schedule in step 11.
To review files detected by Data Discovery:
- Go to Logs > Log Query.
- Change Virus/Malware to "Data Discovery" and click OK.
- Select the range of logs to be reviewed.
- Click Search.
Alternatively, reporting via the dashboard can be seen via the Apex Central widget tab by adding respective entries for Data Discovery.
For further concerns, contact Trend Micro Technical Support.