Files and Machines with Personally Identifiable Information (PII)

Applies To: WatchGuard Advanced Reporting Tool and Data Control

You can use the Files and Machines with PII dashboard to find files and computers on the network that store personal information, and to see the processes that act on the personal information.

To open the Files and Machines with PII dashboard, from the WatchGuard EPDR or WatchGuard EDR web UI:

  1. From the top navigation bar, select Status.
  2. From left pane, select Advanced Visualization Tool.

    A new browser tab opens.
  3. From the left pane, select Data Control > Files and Machines with PII.
  4. Select a time period to filter the data on.

Screen shot of Advanced Visualization Tool date selector

  1. Click Refresh.
    The dashboard shows information for the time period selected.

The Files and Machines with PII dashboard includes three tabs:

Data Files with PII

On the Data Files with PII tab, you can see the personal data files found on your workstations and servers.

Screen shot of Advanced Visualization Tool, Data Control > Data Files with PII tab

The General View section shows a summary of the files with PII found, the computers that store them, and how they have been used.

The Files Reclassified as Not Having PII section shows the files with PII that have changed status.

Machines with PII

The Machines with PII tab shows computers on the network with the most activity on personal data files.

Screen shot of Advanced Visualization Tool, Data Control > Machines with PII tab

The Most Active Machines section shows the workstations and servers with most activity on files with PII.

The Machines with Malware section shows the workstations and servers with files with PII accessed by processes classified as malware by WatchGuard EPDR or WatchGuard EDR.

Processes Accessing PII Files

The Processes Accessing PII Files tab shows a history of the processes that performed most operations on files with PII.

Screen shot of Advanced Visualization Tool, Data Control > Processes Accessing PII tab

The Processes Accessing PII section shows the processes found on the network that have accessed personal data files.

The Malware Processes section shows the processes that have accessed personal data and that WatchGuard EPDR or WatchGuard EDR classified as malware.

See Also

About Data Control Advanced Visualization

About Personally Identifiable Information (PII) in Data Control

User Operations on Files with Personally Identifiable Information (PII)

Risk of PII Exfiltration

User Monitored Files