CoryRetherford.com

 

The following are exclusions I use for our Enterprise deployment for the University which we provide a central service to all IT Professionals. We consider a Tag as a Tenant and delegate rights appropriately using this model. This allows a central Global Policy we manage and settings which provide the necessary settings to comply with HIPPA and PCI requirements 3.1 and more. The following are the Global Exclusions used to limit the overwhelming number of false positives received. Remember, there is always an amount of risk excluding locations, however from the social engineering perspective, an overwhelming number of false positives will leave your End-Users in a stunned stat of being overwhelmed. What do we do when we are overcome by too much, we ignore it, quite literally! In the approach I have taken we can get most of the real concerns addressed with the acceptance we may miss a few, Identity Finder will miss some anyways, so we do the best we can.

c:\program files
c:\program files (x86)
c:\windows
c:\users\system
c:\users\default
c:\windows.old
c:\%userprofile%\appdata\
c:\%userprofile%\box sync.old\
c:\%userprofile%\box sync\
c:\%userprofile%\onedrive
/Applications
/bin
/Developer
/etc
/Library
/mach_kernel
/opt
/private
/sbin
/System