Data Loss Prevention

hello after running discover scans we have found thousands of events and matches with confidential data stores in temporary files such as appdata\local and iecache. I wanted to know what is the best practice for getting these directories cleaned up with out resetting any default settings for applications that maybe set. There is concerns that if we delete those temp files it will reset the default settings for other applications that may be using those files in there.

NK5316,

Typically you can ignore those directories by putting in exclusions forthose appdata directories. THe only other options is to have a script that the desktop team will run to clear out the temp files that store up. These files are typically from people browsing the web. So they should not be important.

Think of the process when you clear you browser cache or temp files.. that is the same thing.

How real is the data match is it acurate?

I would also think about how much data is thee and what the risks are with them being around. You will never be able to clean the world, especially when it comes to temporary files.

Hope this makes sense.

If this solves your questions please marked as solved.

Ronak

From what I can tell only the temporary internet files has actual confidential data in it but I'm not 100% sure. For temporary internet files we plan to flush that data out on a daily bassis and we will move forward with some discussions to make this happen. I'm going to do some more research into the appdata\local temp folder and see if there is any valid data in there and if not then maybe we can just ignore that directory.