Before you begin

Before deploying File Storage Security, complete these tasks:

  1. Sign up for Cloud One. You can create an account here: https://cloudone.trendmicro.com.
  2. Sign in to the cloud storage service where you want to deploy File Storage Security.
  3. For AWS: Go to Services > IAM and make sure you have the AdministratorAccess permission.

    screen shot

    For Azure: In the search bar at the top of the Azure portal, search on Subscriptions, then select the Subscriptions service. In the My role drop-down list, make sure you have the Owner role permission selected so that the subscription can deploy File Storage Security.

    screen shot

You have now completed the pre-deployment tasks. Now determine your deployment path.

How you deploy File Storage Security depends on your security process.

Security managed by centralized security team

If you want to centralize all scan requests to your AWS account or Azure subscription, from your security team's account or subscription, deploy at least one scanner stack. Then from your individual application team accounts or subscriptions, deploy storage stacks across different regions and report to the scanner stack created by the security team.

Security managed by application teams

If each application team owns its security responsibilities, deploy one scanner stack and many storage stacks across different regions. Alternately, for a simple use case, deploy an all-in-one stack to protect a single bucket or storage account.

Continue to the next section to sign in.