FortiCWP classifies data as either data at rest or traffic data. Data at rest is data uploaded onto the cloud application before it has been linked with FortiCWP, while traffic data is any data uploaded after FortiCWP has started monitoring the cloud application.
You can run scans on the data in your cloud platforms to determine their contents. Depending on the policies you set, FortiCWP will classify this data as either sensitive or non-sensitive data. This can be seen in the Documents section for all cloud applications.
If you don't run a manual scan, FortiCWP will scan files on an individual basis whenever a user accesses the file.
For more information on policies, see Policy.
For more details explaining the Document page, see Documents.
FortiCWP monitors user and data traffic for your cloud application. This is shown in the activity page.
For more information on what is monitored and logged as activity, see Activity.
FortiCWP sends you alerts when one of your set policies are triggered.
- DLP policies pertain to the types of data stored in the cloud application.
- Risk Assessment policies check to see if your cloud application is following best practices.
- Threat protection policies pertain to suspicious user activity.
- Compliance policies pertain to specific regulations, such as HIPAA, PCI, and SOX.
See Policy for specific policy descriptions.
See Alert for alerts triggered by policies.
FortiCWP allows you to generate Compliance and C-Level reports. See Reports for more information.
FortiCWP records all administrator activities. You can filter your searches by using the Filter option. To access the Audit log page, go to Administrator > Audit Log.
FortiCWP uses data patterns to create policies for monitoring files. You can create customized data patterns from the Data Pattern page. See Data pattern for more information.