Learn how data policies identify the managed endpoint groups containing sensitive data, the sensitive data classification rules to apply, and the actions to take when sensitive data movement is detected.
You can create data policies to monitor local devices and files for sensitive data.
Data policies use the rules created in Sensitive Data Classification to determine what action to take when unauthorized sensitive data movement occurs.
Note: Data policies monitor local devices and files, not cloud assets. To monitor cloud assets for sensitive data, you must enable Data Security Posture on connected AWS accounts or Azure subscriptions. For more information, see Get started with Data Security Posture.
The following table details the actions you can take on the Data Policy screen:
| Action | Details |
| --- | --- |
| Create a data policy | Click Create Policy. For more information, see Create a data policy. |
| View the number of Sensitive Data Classification rules currently being applied by a policy | Expand a data policy. In the Selected rule category section, hover over the number beside a rule category to see a list of actively applied rules. |
| View the response actions in a data policy | Expand a data policy. In the Selected channel type area, hover over the number beside a channel type to see the configured response actions. |
| View and update the configuration of a data policy | Click a data policy name in the list to view configuration details and update the configuration. For more information, see Create a data policy. |
| Enable endpoint data sensor on managed endpoints | Click Enable Endpoint Data Sensor to configure an endpoint policy to detect and trace the movement of sensitive data. For more information, see Enable Data Security sensors on managed endpoints. |
| Delete a data policy | Click the Delete icon ( |
| Additional actions | |
