Add a Cloud Data Discovery scan in the Forcepoint Security Manager

Use the Cloud Discovery Scan Properties page in the Data Security module of the Forcepoint Security Manager to create or edit a Cloud Data Discovery scan.

To access the Cloud Discovery Scan Properties page:

  1. In the Forcepoint Security Manager, go to DATA > Policy Management > Discovery Policies > Cloud Data Discovery Scans > Cloud Discovery Scan Properties.
  2. Click New in the toolbar at the top of the content pane on the Cloud Discovery Scans page to add a new scan. A Cloud Discovery Scan Properties page is shown.

To create or edit a scan:

  1. Enter or update a Scan name and Description for the scan.
  2. Select Enable scan to enable the Cloud Data Discovery scan.
  3. Choose a cloud application from the drop-down list for the new scan.

    The Cloud Application field lists all unassigned cloud applications created from the CASB Service page (e.g., Dropbox-Test Instance).

    Only applications that support Cloud Data Discovery are shown in the drop-down list. Cloud data discovery is enabled for all supported assets in the CASB portal. To disable Cloud Data Discovery, go to the CASB portal and modify the relevant asset. Each cloud application can be assigned to only one scan.

    Note that you cannot change the Cloud application name when you edit the scan.

  4. Use the Discovery Policies section to determine which policies to apply during the scan.
    Do one of the following:
    • Select All discovery policies to prompt Forcepoint DLP to search for data that matches the rules in all deployed policies.
    • Select Selected policies to apply only certain policies in this scan, then select the policies to apply.
  5. To save the changes and return to the Cloud Discovery Scans page, click OK.
  6. To deploy all the configured changes, click Deploy.