After a Data Loss Prevention incident occurs, OfficeScan logs
the incident details in a specialized forensic database. OfficeScan also
creates an encrypted file containing a copy of the sensitive data
which triggered the incident and generates a hash value for verification
purposes and to ensure the integrity of the sensitive data. OfficeScan creates
the encrypted forensic files on the client machine and then uploads
the files to a specified location on the server.
 |
Important
-
The encrypted forensic files
contain highly sensitive data and administrators should exercise
caution when granting access to these files.
-
OfficeScan integrates
with Control Manager to provide Control Manager users with
the DLP Incident Reviewer or DLP Compliance Officer roles the ability
to access the data within the encrypted files. For details about
the DLP roles and access to the forensic file data in Control Manager, see the Control
Manager Administrator’s Guide 6.0 Patch 2 or later.
|
