Enterprise DLP
Start a Shadow Data Discovery Scan
Table of Contents
Start a Shadow Data Discovery Scan
Start a Shadow Data Discovery scan so Enterprise Data Loss Prevention (E-DLP) can detect and
categorize shadow data in your environment.
| Where Can I Use This? | What Do I Need? |
|---|---|
| Strata Cloud Manager |
Or any of the following licenses that include the Enterprise DLP and Data Security licenses
|
The Shadow Data Discovery process enables Enterprise Data Loss Prevention (E-DLP) to analyze
documents at rest in apps you onboarded to Data Security. Enterprise DLP uses machine learning to analyze the documents and automatically discover and
categorize these documents into natural groupings based on the contents contained
within each document. Through hierarchical clustering, Enterprise DLP creates
meaningful categories and subcategories that reflect how your organization actually
structures its documents and information rather than relying on predefined
templates.After analysis completes, Enterprise DLP gives visibility into your
shadow data landscape through an interactive dashboard that shows clusters of
documents organized by the AI-discovered categories.
Shadow Data Discovery scan reruns every time Data Security reruns scans of
onboarded apps. This enables Enterprise DLP to continuously learn and
categorizing new documents as they enter your environment and gives your data
security administrators continuous visibility to help them maintain comprehensive
protection for sensitive information that traditional pattern-matching approaches
might miss. Analyzing your shadow data enables your data security administrators to
understand not just what sensitive shadow data exists, but also how your
organization's is naturally stores and organizes its documents and what protection
gaps might exist.
- Log in to Strata Cloud Manager.Onboard sanctioned SaaS apps to Data Security (SaaS API).Select and Start Shadow Data Discovery.Enter the minimum files required to start the data discovery process.The value entered here specifies the minimum file volume required for Enterprise DLP to begin categorizing the files detected in supported SaaS apps onboarded to Data Security.Enterprise DLP supports up to 100,000 files.Select the security Channels you want Enterprise DLP to inspect and categorize.Enterprise DLP supports shadow data file categorization for the following channels.Start Scan and wait for Enterprise DLP to complete inspection and file categorization for the selected channels.Review the shadow file summary and analysis by Enterprise DLP.Enterprise DLP displays the following summary for the categorized files across all channels.
- Total number of file categories detected.Enterprise DLP categorizes all discovered shadow data in English, even if the source files are in other languages.
- Total number of channels selected.
- Total number of data profiles across that matched.
- Total number of apps.
View Shadow Data to see a bubble graph and detailed breakdown of the shadow data detected by Enterprise DLP.View Shadow Data to analyze the shadow data discovered by Enterprise DLP.If necessary, edit the Shadow Data Discovery settings to modify the channels Enterprise DLP inspects to discover and categorizes shadow data in your environment when Data Security rescans your onboarded apps.