TRITON - Data Security Help/content/support/library/data/v753/help/discovery.aspxTRITON - Data Security Help v7.5.3
Performing discovery
Discovery is the act of determining where sensitive content is located in your enterprise. A data discovery policy might say, for instance: every Sunday, scan all the computers in the network looking for financial documents containing the keyword “Confidential”. Log what is discovered and send a notification to the Finance manager.
If you want to monitor what is done with those financial records or stop them from leaving the building, you need to create a network or endpoint policy.
Discovery enables you to find data at rest on your network and identify the endpoint machines that represent the greatest risk. This allows you to prioritize actions taken on the files and machines.
Performing discovery is comprised of 2 basic steps:
1. Creating data discovery policy.
2. Scheduling data discovery tasks.
comprised of rules, exceptions, content classifiers, and resources. Rather than specifying destination channels to scan such as FTP, SMTP, and printers, however, you create a data discovery task that describes where and when to perform the discovery, including specific network and endpoint computers to scan.
On networks, this may include a file system, SharePoint directory, database, or Exchange server.
* File systems - Scans your network file systems and identifies data in breach of policies.
* SharePoint - Scans SharePoint directories and identifies data in breach of policies.
* Database - Scans the organization’s database servers and detects confidential information that is defined as policy breaches in tables.
* Exchange - Scans the organization’s Exchange servers and detects confidential information that is defined as policy breaches in mailboxes and public folders.
If you’re performing endpoint discovery, it includes the exact devices to scan.
Click View Complete Document for more.