# Set Up Secure Location

When GuardWare identifies sensitive files during a scan, you may need to investigate or remediate them. A Secure Location is a designated storage area where these files are copied or moved, keeping them in a controlled environment separate from their original location.

Configuring a Secure Location is recommended before running scans where remediation is anticipated. Without one, files identified during a scan cannot be moved or downloaded for investigation.

GuardWare supports two configuration methods, depending on whether the target device has been discovered.

{% hint style="success" icon="sparkles" %}
Click the tabs below to view the relevant content, or use the links provided here to navigate to the desired section.

* [**Set up a new secure location**](/discover/investigate-and-remediate/set-up-secure-location.md#set-up-a-new-secure-location)
* [**Set up a discovered device as a secure location**](/discover/investigate-and-remediate/set-up-secure-location.md#set-up-a-discovered-device-as-a-secure-location)
  {% endhint %}

{% tabs %}
{% tab title="Set Up Secure Location — New" %}

### Set up a new secure location

Use this method if the device you want to use as the Secure Location has not yet been registered in GuardWare.

<figure><img src="/files/GOkQIqt5Y0OGmefczp9b" alt="" width="563"><figcaption></figcaption></figure>

1. Navigate to **ORGANISATION** > **Set Up Secure Location**.
2. In **Target Type**, select **New**.
3. In **Target Name**, enter the exact hostname of the target device. This must match the device's computer name precisely. To find a device's hostname on Windows, right-click **Start** > **System** > look for **Device name**.<br>

   <figure><img src="/files/wBFpHx2Qn2WYZkKGXmKW" alt="" width="563"><figcaption></figcaption></figure>
4. In **Connection Protocol**, select how GuardWare will connect to the device. Select **WinRM** for Windows devices or **SSH** for Unix-based systems.
5. In **Username**, enter the credentials for an account with access to the target device. Use the following format depending on account type:
   1. Local account: `administrator`
   2. Azure AD account: `user@yourcompany.com`
   3. Domain account: `DOMAIN\username`
6. In **Password**, enter the password for this account.
7. In **Secure Folder** **Path**, enter the full path where files should be stored (e.g., `C:\SecureLocation`).
8. Click **Save**.

GuardWare will attempt to connect to the location using the credentials provided. A status of **Active** confirms the Secure Location is ready. If the connection fails, verify that the hostname, credentials, and path are correct, the device is reachable from the Scanning Server, and the account has sufficient permissions on the destination folder.

{% hint style="warning" %}
If you need to change the Secure Location later, repeat the above process with the new device details.
{% endhint %}
{% endtab %}

{% tab title="Set Up Secure Location — Discovered" %}

### Set up a discovered device as a secure location

Use this method if the device you want to use has already been scanned or appears in GuardWare's discovered devices list.

<figure><img src="/files/p5KmYDy2IadWoMM7hide" alt="" width="563"><figcaption></figcaption></figure>

1. Navigate to **ORGANISATION** > **Set Up Secure Location**.
2. In **Target Type**, select **Discovered**.
3. In **Target Name**, select the device from the list. If the device does not appear, it has not yet been discovered. Either run a discovery scan first or use the New Device method above.
4. In **Secure Folder Path**, enter the full destination path (e.g., `C:\SecureLocation`) and click **Save**.

GuardWare will validate the path and confirm the location is accessible.
{% endtab %}
{% endtabs %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.guardware.com/discover/investigate-and-remediate/set-up-secure-location.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.