How to Use the Scans Dashboard
The Scans Dashboard is the central management hub for all data discovery and classification activities within the Spirion Sensitive Data Platform. The dashboard acts as the "Mission Control" for the platform. While the SPIglass dashboard provides executive-level risk metrics, the Scans Dashboard is where technical users design the scope (where to look) and the policies (what to find) to ensure the system is healthy and data discovery is progressing as planned.
Overview
The Scans Dashboard includes the following categories of reports (displayed within tiles in the Spirion Sensitive Data Platform user interface):
- SNAPSHOT view
  - Remediated matches
  - Average Time to Manage Matches
  - Top At-Risk Targets
  - Matches sorted by classification
  - Sensitive Data Distribution
- TRENDS view
  - Match Status
  - Managed Action Activity
  - Aging Report for Unmanaged Sensitive Data
See below for more information:
SNAPSHOT View
Totals Overview
The Totals Overview displays data in tiles:
- Average Target Scan Coverage - 30 days (by percentage)
  - Percent (%) of all valid Targets in the Data Asset Inventory (DAI) that have been scanned in the past 30 days.
  - This number should be as close to 100% as possible.
- Total Matches Remediated (out of total matches)
  - The number of sensitive data matches that have been remediated (quarantined, redacted, deleted, etc.) out of the total number of matches discovered (by all scans).
  - The gap between these two numbers should be as small as possible.
  - Ideally, these numbers match (Example: 10,000/10,000).
- Average Time to manage matches (in days)
  - Average amount of time (in days) from when the sensitive data match was discovered by a scan to when it was acted upon (quarantined, redacted, deleted, etc.).
  - This number should be as low as possible given your environment and Agent count.
    - For large organizations with thousands of Agents:
      - Approximately 1 week is recommended.
      - A value of 1 month or more is considered high risk.
    - For small organizations with 10-20 Agents:
      - 1-2 days is recommended.
      - A value of 1 week or more is considered high risk.
  - Your goal is to keep this number as low as possible.
  - This number should trend lower over time.
Scan Coverage By Target (last 30 days)
- The Scan Coverage By Target (last 30 days) bar graph shows at a glance which Targets do not have proper coverage.
- The Scan Coverage By Target (last 30 days) bar graph displays the number of scans performed on different Targets (in the Data Asset Inventory) in the past 30 days.
- The scan count for Targets displays in ascending order in the grid.
- Click a Target - or its scan count - to display the Target Details screen.
Top At-Risk Targets
- The Top At-Risk Targets bar graph displays your exposed, vulnerable data from a Target perspective.
- Top At-Risk Targets displays a list of Targets most at-risk due to the amount of Unmanaged sensitive data they contain. Each Target displays the percentage of Unmanaged data on the Target.
- Targets with dark red, filled or nearly filled bars contain the most Unmanaged sensitive data and are MOST AT-RISK!
- Unmanaged data in Spirion Sensitive Data Platform is sensitive data that has NOT been remediated in the following ways to lessen or eliminate the risk to your organization:
  - Quarantined
  - Redacted
  - Shredded
  - IgnoreLocation
  - Classified
  - Script (executed against the data)
  - Permissions (Access restricted)
  - Ignored
  - GloballyIgnored
  - UserAction taken on data
  - MipLabel applied to data
- Data that has received the following actions is still considered Unmanaged:
  - No Action
  - Assigned
  - Notified
- See How to Add a New Scan Playbook/Select Action for more details about these actions.
- Name: Name of the at-risk Target.
- Top Three Types: The top three types of sensitive data contained in the Target. For example, social security number, credit card number, password, etc.
Target Sort
Targets are sorted by the following:
- Name - The name of the Target
- Unmanaged Data (percentage) - What percent of the sensitive data on the Target sources (databases, servers, cloud locations, etc.) is Unmanaged data. Unmanaged data is more vulnerable to breaches, malware, and other security threats.
- Top Data Types - The 3 most discovered types of Unmanaged data. For example, social security numbers, e-mail addresses, credit card numbers, etc.
Sort your Targets as follows:
- Click the arrow to sort by ascending values, lowest value first, at the top.
- Click the down arrow to sort by descending values, highest value first, at the top.
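The Managed/Unmanaged split and the time-to-manage guidance above can be reproduced outside the dashboard, for example to sanity-check a tile. The following Python is an added example, not Spirion code: the record layout, sample values and function names are hypothetical, only the action names and day thresholds come from this page, and "1 month" is taken as 30 days.

```python
from collections import Counter, defaultdict
from datetime import date

# Action names exactly as this page lists them.
MANAGED = {"Quarantined", "Redacted", "Shredded", "IgnoreLocation", "Classified", "Script",
           "Permissions", "Ignored", "GloballyIgnored", "UserAction", "MipLabel"}
UNMANAGED = {"No Action", "Assigned", "Notified"}
# (recommended max, high-risk floor) in days; "1 month" taken as 30 days (assumption).
THRESHOLDS = {"large": (7, 30), "small": (2, 7)}

# Constructed sample; the tuple layout is hypothetical, not a Spirion export format:
# (target, data_type, action, discovered, acted_on)
SAMPLE = [
    ("fs01", "SSN", "Quarantined", date(2024, 3, 1), date(2024, 3, 4)),
    ("fs01", "SSN", "Notified", date(2024, 3, 1), date(2024, 3, 2)),
    ("fs01", "CCN", "Assigned", date(2024, 3, 2), date(2024, 3, 3)),
    ("fs01", "CCN", "Redacted", date(2024, 3, 2), date(2024, 3, 7)),
    ("mail01", "Password", "No Action", date(2024, 3, 5), None),
    ("mail01", "SSN", "No Action", date(2024, 3, 5), None),
    ("mail01", "Password", "Notified", date(2024, 3, 6), date(2024, 3, 6)),
    ("db01", "CCN", "Shredded", date(2024, 3, 1), date(2024, 3, 2)),
    ("db01", "CCN", "MipLabel", date(2024, 3, 3), date(2024, 3, 6)),
]

def is_managed(action):
    """Notified/Assigned stay Unmanaged even though someone touched the match."""
    if action not in MANAGED | UNMANAGED:
        raise ValueError(f"unknown action: {action!r}")
    return action in MANAGED

def at_risk_targets(matches):
    """Rank targets by percent Unmanaged, with their top three Unmanaged data types."""
    total, types = Counter(), defaultdict(Counter)
    for target, dtype, action, _, _ in matches:
        total[target] += 1
        if not is_managed(action):
            types[target][dtype] += 1
    rows = [(t, round(100 * sum(types[t].values()) / n),
             [d for d, _ in types[t].most_common(3)]) for t, n in total.items()]
    return sorted(rows, key=lambda r: (-r[1], r[0]))

def avg_days_to_manage(matches):
    """Mean days from discovery to a Managed action; Unmanaged rows are excluded."""
    spans = [(acted - found).days for _, _, a, found, acted in matches if is_managed(a)]
    return sum(spans) / len(spans) if spans else None

def rate(avg_days, org_size):
    """Compare an average against the page's guidance for 'large' or 'small' orgs."""
    recommended, high_risk = THRESHOLDS[org_size]
    if avg_days >= high_risk:
        return "high risk"
    return "within recommendation" if avg_days <= recommended else "above recommendation"
```

In the sample, mail01 ranks first at 100% Unmanaged even though one of its matches was Notified, because notification alone does not move a match to Managed.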
Matches by Classification
- Sensitive data discovered, or "matched", in your environment is classified (Top Secret, HIPAA, Secret, ePHI, etc.) either manually or as a result of a playbook action. The Matches by Classification horizontal stacked bar graph displays those classifications as they are distributed across the following data locations in your environment (expressed as a percent % of whole):
  - Local - Local file servers or the files and folders on a workstation, laptop, desktop, etc.
  - Email - Exchange, Exchange Online, Gmail
  - Database - Oracle, MSSQL, PostgreSQL, Snowflake, etc.
  - File & Folder - Remote file servers or the files and folders on a workstation, laptop, desktop, etc.
  - Collaboration - SharePoint, SharePoint Online, Bitbucket
  - Cloud - box, Dropbox, Google Drive, OneDrive, S3, etc.
  - Website - Website of your choosing
- Colors: Each data location (which contains sensitive data) is represented by a different color.
- Mouse over a Classification to see a detailed view of how it is distributed across data locations.
- Example: In the screenshot above, the data classification "Government Form" is found in the following 4 different locations within the scanned environment:
  - Local sources: 38% (Local file servers or the files and folders on a workstation, laptop, desktop, etc.)
  - Email sources: 25% (Exchange, Exchange Online, Gmail)
  - Collaboration sources: 25% (SharePoint, SharePoint Online, Bitbucket)
  - Cloud sources: 13% (box, Dropbox, Google Drive, OneDrive, S3, etc.)
Sensitive Data Distribution
- The Sensitive Data Distribution horizontal stacked bar graph displays sensitive data types as they are distributed across the data locations in your environment (expressed as a percent % of whole):
  - Local - Local file servers or the files and folders on a workstation, laptop, desktop, etc.
  - Email - Exchange, Exchange Online, Gmail
  - Database - Oracle, MSSQL, PostgreSQL, Snowflake, etc.
  - File & Folder - Remote file servers or the files and folders on a workstation, laptop, desktop, etc.
  - Collaboration - SharePoint, SharePoint Online, Bitbucket
  - Cloud - box, Dropbox, Google Drive, OneDrive, S3, etc.
  - Website - Website of your choosing
- Colors: Each data location (which contains sensitive data) is represented by a different color.
- Impact: In the above example, Bank Account Numbers are found exclusively in the Files and Folders on remote machines. Consider the following:
  - This may be expected behavior (you may wish to keep this data out of cloud sources).
  - You may wish to confirm this data has been redacted/quarantined or similar remediation action taken to ensure it is secure.
  - You may wish to drill down and discover the distribution among local machines - is this data on one machine or several? Are these machines secure? Do they use proper password strength, etc.?
- Mouse over a sensitive data type to see a detailed view of how it is distributed across data locations.
TRENDS View
Match Status
- The Match Status vertical stacked bar graph displays what percent (%) of sensitive data matches are Managed vs Unmanaged over time (by month).
- Managed sensitive data matches have been acted upon in the following ways:
  - Access Restricted
  - Classified
  - Quarantined
  - Redacted
  - Shredded
  - Script Executed
  - Ignored
  - Globally Ignored
  - User Action taken on data
  - MIP Label applied to data
- Unmanaged data is sensitive data that has not been acted upon (no action) or else has been acted upon in the following ways:
  - Assigned
  - Notified
- Colors: Unmanaged data is shown in red. Managed data is shown in green.
- Impact: An environment with a large amount of unmanaged data is at greater risk of data breach, malware, data loss and other security threats than an environment with managed data.
- Mouse over a graph bar to see the exact distribution of Managed versus Unmanaged data for a specific month.
- More information about Managed vs Unmanaged data
Managed Action Activity
- The Managed Action Activity vertical stacked bar graph displays the percent (%) of Managed actions (performed on sensitive data) over time (by month).
- Once these actions are applied to sensitive data, that data is considered Managed by Spirion Sensitive Data Platform.
- Managed actions displayed here include:
  - Access Restricted
  - Classified
  - Quarantined
  - Redacted
  - Shredded
  - Script Executed
  - Ignored
  - Globally Ignored
  - User Action taken on data
  - MIP Label applied to data
- These actions make your data more secure and reduce sensitive data risk in your environment.
- Colors: Each action on managed data is represented by a different color.
- Impact: Managed actions are displayed over time (measured monthly), revealing changes in action activity. This is useful in understanding the trend of how remediation actions are being applied to your sensitive data.
- More information about Unmanaged vs Managed data
Aging Report for Unmanaged Sensitive Data
- The Aging Report for Unmanaged Sensitive Data line graph shows the age (in days) of all the Unmanaged sensitive data in your environment over time on a monthly basis.
- Unmanaged data is vulnerable, exposed sensitive data.
- Unmanaged data is at greater risk of security breach.
- Unmanaged data is sensitive data that either has not been acted upon (No action) or else has been acted upon in the following ways:
  - Assigned
  - Notified
- Sensitive data classified as Unmanaged MUST BE addressed in a timely fashion. The older your unmanaged sensitive data, the greater the risk to your organization!
- More information about Unmanaged vs Managed data
Dashboard Refresh Interval
The Dashboard is designed to refresh its data charts automatically after a job (scan) run completes.
- Automatic Refresh: Under normal conditions, data should refresh once a scan job is finished to reflect the new results.
- Manual Override: If the charts are not updating as expected, administrators often use a manual refresh via the API:
/api/Maintenance/RefreshChartCache
Troubleshooting Refresh Issues
- Ensure the database table CachedDashboardCharts has been updated.
- Issues can be caused by backend service delays or issues with the log svc-resultsprocessing.