Reference Guide
Security Management Server Virtual - AdminHelp v9.8
95
Process
Address
Application
Process - Migration of Cloud Encryption events. A system event from the client performs an
action on the .xen file.
Application - App indcates this is part of the Cloud Encryption application.
Column options related to folder
management (Windows only):
Folder Path
Folder Protection
If the Folder Management Enabled policy in Data Guardian > Cloud Encryption is enabled
for an endpoint, a user can select the Dell Data Guardian icon in the endpoint's system
tray, select Manage Folders, and manually protect or unprotect a sync client folder.
Typically, this policy is enabled for a manager on a temporary basis.
This audit event allows you to
monitor overrides to protected folders and investigate if files
that need to be encrypted are now decrypted.
Cloud Encryption audit events
This table lists audit events that occur for files or folders stored in the cloud sync client folders. Events may
differ slightly for Windows, Mac, and mobile devices.
Actions for audit
events
Cloud Action and Description
Windows
Mac
Mobile
device
Created Encrypt
In the cloud sync client folder, Dell Data Guardian encrypted a file,
creating a .xen file.
● ● ●
Unprotected Decrypt
Data Guardian decrypted a .xen file.
● ● ●
Deleted Deleted
A user deleted a .xen file from the cloud sync folder.
● ● ●
N/A Upload
Lists the folder path and whether the folder was protected.
● ●
Column options for Net and Cloud Encryption only
Audit Event
- Column options Description
Net Action
(Windows)
Blocked (Relates to .NET information)
Attempts by a user or device to open an application or browser, but the attempt was
blocked.
Attempts to proxy through, but the address was blocked.
Examples of Map Visualization and Column Filters
You can alternate between drilling in at the map level and drilling in at the filter and Search level. Here are
some examples.
• Endpoint or endpoint group - If geolocation is enabled, the map displays the location of the events
for each endpoint's .xen and protected Office files. If the map indicates protected files in an
unexpected location, you can use the audit data to identify who modified the file. If several users
modified the file, you can filter the Timestamp column to determine the last person who modified
it.
• User - You can audit a users' file activities. For example, in Columns, if you select Action, the
protected Office files for that column can list Created or Modified. If you also select Data Guardian
Action, the column lists the reason for a user modifying files, such as Updated or Swept. For
information on Action and Data Guardian Action, see Options in the Columns dropdown,
Cloud
Encryption audit events, and Protected Office Document audit events.
Example of drilling in at the map level
1. In the global view, drill in to a marker cluster and select a blue marker.