Organizations utilize a variety of sensitive data – credit card numbers, PII/PHI information, proprietary intellectual property, and more – to operate and maintain a competitive advantage. Overexposure of valuable assets harm a company’s top and bottom line and leave you vulnerable to data breaches, theft, and misuse.
Browse to Category 04 File System Permissions (ACLs) then expand “Report Name g. Classification and Priorities.” Expand the predefined subsection then click on “02. Sensitive Folders by Risk Percent”
There are three ways to calculate the “risk percent.”
“Calculate the risk per file server”
This is the easiest as it treats each server as a discrete entity, and only factors in the sensitive data residing on that server. This approach is best for a server-by-server remediation effort.
“Calculate the risk on all file servers” and “Calculate the risk on all file servers displayed in the report”
These treat all in-scope servers as one entity. This approach is best to determine the absolute most at-risk folder across a set of servers.
Select “Calculate the risk per file server” as the risk calculation method.
Next, click the ellipsis button next to the File server filter.
Place a check next to one or more servers to include in the report. Click OK to confirm the selection and return back to the main filter menu.
By default, all enabled rules marked as sensitive are included in the risk calculation and in the report. To customize the scope, click the down arrow in the box next to “Rule Names,” and uncheck the boxes next to the rules you wish to exclude.
Click on the Columns tab along the top. Click on “Scan Priority” in the “Your selection” panel to the right then click the “<” arrow to remove the selection
Optional: If the risk calculation method is set to per file server and multiple servers are selected, place a check in the Group by box next to file server. This will logically separate the report results by server name.
Click the Run button to generate the report.
Below is a sample output sorted by risk percent based on the selected rules. The folders with the highest risk rating will bubble up to the top as a high value target list for remediation efforts.