Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Cloud App Security Data Collection Notice

    • Updated:
    • 10 Apr 2018
    • Product/Version:
    • Cloud App Security 2.0
    • Platform:
    • N/A N/A
Summary

The section below outlines the following Cloud App Security features that collect data, the data transmitted, and their location on the product console where you can disable the features:

  • O365 (Exchange Online, SharePoint Online, OneDrive for Business) Provisioning
  • Cloud storage service (Box, Dropbox, Google Drive) Provisioning
  • Logs
  • Predictive Machine Learning
  • Virtual Analyzer for files
  • Advanced Spam Protection
  • Web Reputation
Details
Public

O365 (Exchange Online, SharePoint Online, OneDrive for Business) Provisioning

When your license for Cloud App Security is valid, contact Trend Micro Technical Support to submit a request for de-provisioning. After de-provisioning is completed, data is cleaned up.

One month after the grace period of your license expiration, data is automatically cleaned up. After data is cleared, Cloud App Security does not protect your service any more.

Data collected
  • Domain, user, and group information in Windows Azure Active Directory
  • Exchange Online mailbox information
  • SharePoint Online site collection information
  • OneDrive for Business user and user site information
Console Settings
  • In the pop-up wizard that appears at your first logon, select a service that you want to protect; or
  • On the Dashboard screen, hover over the service that you want to protect and click Provision in the tooltip that appears; or
  • Administration > Service Account > Add > Office 365; or
  • Hover over the ring icon on the upper right of the management console and click the corresponding provision link in the Notifications screen that appears.

Service Account

Cloud storage service (Box, Dropbox, Google Drive) Provisioning

When your license for Cloud App Security is valid, contact Trend Micro Technical Support to submit a request for de-provisioning. After de-provisioning is completed, data is cleaned up.

One month after the grace period of your license expiration, data is automatically cleaned up. After data is cleared, Cloud App Security does not protect your service any more.

Data collected
  • Box user and group information
  • Dropbox user and group information
  • Google Drive user and organization unit information
Console settings
  • In the pop-up wizard that appears at your first logon, select a service that you want to protect; or
  • On the Dashboard screen, hover over the service that you want to protect and click Provision in the tooltip that appears; or
  • Administration > Service Account > Add; or
  • Hover over the ring icon on the upper right of the management console and click the corresponding provision link in the Notifications screen that appears.

Service Account

Logs

After data is cleared, administrators cannot retrieve history data of user events and policy violations from Cloud App Security.

Data collected
  • Email senders
  • Email recipients
  • Email locations
  • Email subjects
  • Attachment names
  • File modifiers
  • File locations
  • File names
Console settings
  • Cloud App Security automatically deletes logs older than 90 days.

    Automatically delete logs older than 90 days

  • For Quarantine logs, Cloud App Security provides an option for administrators to choose to automatically delete them older than 30, 60, or 90 days.

    Quarantined logs

  • Data will be automatically cleaned up one month after the grace period of your license expires.

Predictive Machine Learning

Disabling Predictive Machine Learning prevents the transmission of data to Trend Micro but severely affects the ability of Cloud App Security to detect new, previously unidentified, or unknown threats.

Predictive Machine Learning Scanning
Data collected
  • Metadata of suspicious executable files and scripts in cloud storage services
  • Metadata of suspicious executable files and scripts in email attachments
Console locationATP policy > Malware Scanning > Rules
Console settings
  • Enable Predictive Machine Learning

Enable Predictive Machine Learning

Predictive Machine Learning Feedback
Data collected
  • Metadata of suspicious executable files and scripts in cloud storage services
  • Metadata of suspicious executable files and scripts in email attachments
Console locationATP policy > Malware Scanning > Rules > Predictive Machine Learning
Console settings
  • Allow Trend Micro to collect suspicious files to improve its detection capabilities

Predictive Machine Learning Feedback

Virtual Analyzer for files

Disabling the Virtual Analyzer prevents the transmission of data to Trend Micro but severely affects the ability of Cloud App Security to detect advanced malware in files.

Data collected
  • Suspicious executable files
  • Scripts
  • Documents with macro
Console locationATP policy > Virtual Analyzer
Console settings
  • Enable Virtual Analyzer
  • Files

Virtual Analyzer

Advanced Spam Protection

Disabling Advanced Spam Protection prevents the transmission of data to Trend Micro but severely affects the ability of Cloud App Security to detect BEC, phishing, ransomware, and other spam.

Advanced Spam Protection
Data collected
  • IP addresses of upstream MTAs
Console locationATP policy > Advanced Spam Protection
Console settings
  • Enable Advanced Spam Protection

Enable Advanced Spam Protection

Advanced Spam Protection Feedback
Data collected
  • Email addresses
  • Email subjects
  • URLs in email body
Console locationATP policy > Advanced Spam Protection
Console settings
  • Allow Trend Micro to collect suspicious email information to improve its detection capabilities

Advanced Spam Protection Feedback

Web Reputation

Disabling Web Reputation prevents the transmission of data to Trend Micro but severely affects the ability of Cloud App Security to detect malicious URLs.

Data collected
  • URLs in email body
  • URLs in email attachments
  • URLs in files
Console locationATP policy > Web Reputation
Console settings
  • Enable Web Reputation

Enable Web Reputation

Premium
Internal
Rating:
Category:
SPEC
Solution Id:
1119582
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.