SaaS applications make it easy for users to collaborate and share information in the cloud. However, tracking and controlling the different types of sharing in all cloud apps you sanction to ensure that your private data is not exposed can be challenging. This is why the Asset Risk Details and Security Controls Risk Details identify all the different ways that an asset is shared. In some cases, the Aperture service identifies an asset as a risk because it contains sensitive or private keywords or data and you can simply modify how the asset is shared to remove the risk.
Types of sharing that may pose a risk include the following:
- Public share settings—The asset is publicly indexed on Google or it is stored in a public repository.
- Shared links—The owner created a public link, vanity URL, or password-protected link for direct access to the asset.
- External collaboration—The owner shared the asset with users outside of your organization.
- Company-wide collaboration—The owner created a company-wide URL that gives anyone in the company direct access to the asset.
- Internal collaboration—The owner shared the asset with internal users.
When you Add a New Policy Rule for Content, you can automatically change sharing to Remove Public Links. Choices include:
- Only Remove Direct Links—Remove any links on the asset that allow the asset to be publicly accessed. Only the link on the asset is removed. For some cloud apps, the asset may still be exposed due to inheritance from parent folders.
- Remove Public Links on Parent Folders if Necessary—For some applications, you can also remove public links from an asset if the risk is inherited (for example, if the folder where the asset resides has public links or Collaborators, but the file itself does not). This option removes any public links on the asset and removes any public links on parent folders that allow the asset to be publicly accessed.
When public links are automatically removed on an asset, you can send the asset owner a Remediation Digest Email that describes the changes that were made (Actions Taken).
Automatic Remediation Automatic remediation is a powerful tool you can use to address security incidents that the Aperture service discovers. When you Add a New ...
Aperture scans assets for exposure levels to identify how and with whom the asset is shared. ...
Building Blocks in Aperture Asset Policy
Building Blocks in Aperture Asset Policy An asset (or content) policy rule has the following information: Field Description Rule Name A name for the policy ...
New Features Introduced in November 2016
New Features Introduced in November 2016 The following topic provides a snapshot of new features introduced for Aperture™ in November 2016. Refer to the Aperture ...
View Top Collaborators
Use the Collaborators widget on the Aperture Dashboard to review the top external domains assets are being shared with. ...
View Asset Details
Learn about how the Aperture service displays detailed information about an asset violating a policy rule. ...
Quarantine If an asset poses an immediate threat to your intellectual property or proprietary data, you can automatically move the compromised asset to a quarantine ...
Supported Applications with Remediation
Supported Applications with Remediation Automated remediation is supported on the following cloud apps. Alternatively, you can Manually Remediate Risks for individual assets. Cloud Apps Quarantine ...
Monitor Scan Results on the Dashboard
Review the scan results reported by the Aperture service on a single dashboard. ...