Configuring the Data Loss Prevention Compliance Indicator

You can configure settings and exceptions for the Data Loss Prevention Compliance indicator to display the percentage of managed Data Discovery-enabled OfficeScan and Cloud App Security agents with an acceptable number of sensitive data detection incidents on the Operation Center tab.

  1. Go to Administration > Settings > Active Directory and Compliance Settings.
  2. Click the Compliance Indicator tab.
  3. Click Data Loss Prevention.
  4. The following table describes the available configuration options.

    Column

    Description

    Period

    Specify the time range for the displayed data.

    Threshold

    Type the acceptable number of sensitive data detection incidents.

    Alert indicator

    Adjust the slider control to set the thresholds (% of compliant agents) for different alert levels.

  5. In the Exception List, select custom tags or filters to exclude users or endpoints from compliance calculations.
    Note:
    • The Exceptions list applies to all Control Manager users. You may only add or delete exceptions based on your permissions to modify the corresponding tags and filters.

    • For more information about creating tags or filters, see Custom Tags and Filters.

    1. Click Add.

      The Add Exception screen appears.

    2. From the Type drop-down list, select User or Endpoint to display the available custom filters and tags by type; otherwise, select All to view all entries.
      Tip:

      To search for a custom filter or tag, type a name in the text field and press ENTER.

      For more information on custom tags and filters, see Custom Tags and Filters.

    3. Select one or more custom tags or filters and click Add.

      The selected items appear in the Exception List.

    4. Click Close.
    5. Click Save.
    6. Specify the scope of the added custom tags or filters from the Apply exceptions added by drop-down list.
      • All user accounts: Excludes all users and endpoints specified in custom filters and tags added by any user account

      • Only the logged on account: Excludes only the users and endpoints specified in custom filters and tags added by the currently logged on user account

  6. Click Save.