Administrator Guide
The recovery tool adds the recovered les to the selected destination. You can open and view the les
View data from Hidden Audit Trail
For Windows, if the Hidden Audit Trail policy for protected Oce documents is enabled, user information is captured in the le metadata. To
view this data, use the Recovery Tool:
1 Launch the Recovery Tool.
• For Source, browse to a folder that contains protected Oce documents with hidden audit data. The Recovery Tool copies the
folder and subfolder structure, decrypting any protected Oce documents that have hidden audit data.
• Before browsing to a Destination, you can create a folder, Decrypted les, and then browse to that.
2 Select Decrypt.
3 After selections are complete, click Scan.
The folder selected as the Destination contains a dated Recovered Files folder with the following:
• Decrypted protected Oce les
• Audit Trail folder, created by the Recovery Tool, with a .txt le for each decrypted le. Each .txt le has a log that lists information
of the decrypted le, such as authors, last author, time stamps.
Use the Recovery Tool with encrypted Outlook email
If policy is enabled, internal users with Data Guardian v2.0.1 and higher have a Protect button to encrypt Outlook emails and attachments.
As a forensic administrator, you can decrypt the emails:
1 Create an empty folder and then drag the encrypted emails from Outlook to that folder.
NOTE
:
You can drag multiple emails to the folder simultaneously.
2 Follow the steps in Perform a Recovery for logging on with your forensic administrator credentials and performing a recovery:
64
Encryption Recovery
Dell Data Guardian Recovery