How to Configure DDR Rules

Create Scan Configuration

To configure DDR rules, follow these steps:

1. Access the Getvisibility DDR dashboard using your credentials.

2. Under the DDR tab, select Create Scan Configuration to connect to the data sources to be monitored.

1. Define Scopes: Specify the data sources that will be connect to.

2. Verify Configuration: Ensure that at least one data source is successfully connected. A green checkmark will confirm the completion.

Check for Incoming Events

Once the scan configuration is complete:

1. Go to Administration > Live Events Streaming to view real-time events.

1. Monitor Event Activity: Filter events by source, user name, action type (create, update, delete), and event type.

Overview Page

The Overview Page provides a comprehensive view of DDR's performance:

1. Event Statistics: Displays the number of events by source, such as Google Drive, SharePoint, OneDrive, and Box.

2. Data Source Activity: Visualizes active data sources and the volume of events generated by each.

3. Event Timeline: Shows when events occurred, helping identify peak activity periods and anomalies.

Open Risks

The Open Risks section highlights detected threats, categorised by risk type:

• Public Exposure: Identifies sensitive files accessible to external users via public links.

• External Sharing: Detects files shared outside the organisation, potentially exposing sensitive information.

• Internal Over-Sharing: Flags data with excessive permissions within the organisation.

For each risk, DDR provides detailed insights, including the file path, user activity, and recommended remediation steps.