SaaS Security
Remediation Email Digest
Table of Contents
Remediation Email Digest
Learn how Data Security can send your end users an
email digest with concrete actions users can take to remediate risks.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
Or any of the following licenses that include the Data Security license:
|
Data Security examines file activity across supported SaaS apps and identifies incidents that violate policy.
Data Security notifies your users when Data Security detects
incidents and provides the necessary visibility within an easy-to-use email digest.
Data Security generates and sends an email digest once per day to the
following users:
- Asset owners—An email digest that is unique to each asset owner who has security risks, describing what actions you took, if any, and what remediation actions you want asset owners to initiate.
- Cloud app administrators (not to be confused with you, the Data Security administrator)—A compilation of all asset owners’ incidents for files that reside within the cloud app that the administrator manages; therefore, equipped with this knowledge, the Cloud app administrator can remediate independently of asset owners.
Administrators
who actively assess email digest performance typically discover
that the number of shared files drops noticeably soon after asset
owners receive an email digest. An email digest is essential so,
by design, you cannot disable this capability in Data Security.
You can verify that Data Security sent the email digest for a given incident by
observing the actions taken in the Remediation Activity logs.
The
goal of this email digest is to educate and encourage immediate
remediation. The email digest contains one or two reports:
- Files to Review—When a security issue is found, this email digest provides a description of the asset, the type of security risk, and the action that the asset owner (or Cloud app administrator) can take to remediate the risk.
- How many files does an asset owner need to remediate?—Number of files in need to remediation displays in this section and directly corresponds to the incident counter located in the email digest banner. The incident counter acts like a scorecard, motivating asset owners to take action.
- What does an asset owner need to do to remediate?—The email digest provides asset owners a Recommendation that describes the action the user can take to remediate the incident. You can modify this descriptor when you Add a New Data Asset Policy.
- How does an asset owner quickly locate the file?—The email digest displays the filename.
- Actions Taken—When a risk is automatically remediated, this reports provides a description of the asset, the type of security risk, and the action taken.
As
soon as Data Security detects an incident for an email digest,
Data Security queues those records until the end of the day,
then generates and sends the email digest around midnight or later
depending on traffic and volume. Therefore, if an asset owner shares
a file, then retracts later in the day, the remediated incident
remains in the asset owner’s email digest until Data Security
generates the next email digest.
Although you cannot change
the design, you can change the content.
- Select .
- Update the Email Configuration, Email Logo, and Template as desired. Consider the following recommendations:
- Personalize your tone: imagine you’re having a face-to-face dialogue with the asset owner.
- Provide a concise and striking subject heading. The default subject is Exposure Risk Summary and is highly effective at attracting an asset owner’s attention.
- Keep the email body brief. Include a call-to-action statement in the email body. You can use any of the variables outlined in Create a Custom Email Template.
- Communicate the benefits and risks to public sharing. Include internal links to company support articles to inform asset owners of your organization’s policies and to procedures on how to change share settings for applicable cloud apps.
- Include your company logo.
- Save your changes.