SaaS Security
Add a New Data Asset Policy Rule
Table of Contents
Expand All
|
Collapse All
SaaS Security Docs
Add a New Data Asset Policy Rule
Learn how to create a new data asset policy rule.
Data Security enables you to add new policy rules for scanning assets (content) stored
on your sanctioned SaaS applications. For example, you can create a policy rule that
triggers an alert based on match criteria (for example, an asset's exposure is set
to Public) needed to protect a specific asset. An exclamation point for your cloud
app denotes no active rules.
When you create a new data asset policy rule, you have the option to automatically remediate
incidents that violate that policy rule. Automatic remediation is a powerful tool
and can modify a large number of assets in a short amount of time: before you
include these remediation actions in additional policy rules, perform a test using
one policy rule and a small set of assets.
- Log in to Strata Cloud Manager.Select ConfigurationSaaS SecurityData SecurityPoliciesData Asset PoliciesAdd Policy.You have to complete three steps to create a data asset policy rule. They are:
- General Information
- Match Criteria
- Rule Actions
General Information- Enter a Policy Name and an optional Description.Select a Severity (building blocks in asset rules) for the policy rule.Verify that the Status is Enabled.Match Criteria: Configure the match criteria (for example: Activity, Asset, Data Pattern, Exposure, and others) that you require for your data asset policy rule and click Next.
- If you configure your match criteria correctly, a green color border appears on those specific match criteria items.
- If you configure your match criteria incorrectly or leave it incomplete and try to proceed with the next step, a red color border appears on those specific match criteria items along with a specific error message.
- Click the reset button if you want to get back to the default setting for that specific match criteria.
A sample screenshot is given below.Rule Actions- Specify Auto Remediation Action and automatically remediate for change sharingwhen there are policy rule violations.Configure Other Actions for your policy rule:
- Send Slack Alert
- Apply Data Label: Microsoft Labeling for Office 365 and Google Drive Labeling
- Create IncidentAssign the incident to a user and send an administrator email alert.
Save Policy to create your new data asset policy rule.Data Security starts scanning files against the data asset policy rule as soon as you save the changes. After the scan starts, you can start to assess new incidents and fine-tune your new policy rule.