It might be possible that Incident Snapshots of incidents created by Symantec Data Loss Prevention will contain the same sensitive information that have generated the incidents in the first place. For example, this may be credit card details entered on a web site, which then will be viewable for every DLP user looking at the corresponding Incident Snapshot. This may be an undesirable situation and it might be necessary to limit what DLP users can see in the incident details.
To hide parts of Incident Snapshot, you can use Roles and their Display Attributes settings that control which parts of the incidents are visible for a particular Role. To do this, follow these steps:
It's recommended to test unchecking the selected attributes one by one and then verifying whether the incident is now properly hiding the sensitive data. Which attributes should be unchecked depends on which sensitive information you want to hide from the DLP users.
To learn more about what each incident attribute represents, refer to either the Enforce online help or the DLP Admin Guide.