SaaS Security
Enable Group-Based Incident Management
Table of Contents
Enable Group-Based Incident Management
Learn how to enable group-based incident management on
Data Security.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
Or any of the following licenses that include the Data Security license:
|
See Common Services: Identity and Access
if you are using the Cloud Management Console.
Group-based visibility requires Azure Active
Directory integration, which has many benefits, including flexibility with incident
management on Data Security.
Data Security enables you to limit an administrator’s access to cloud assets
by defining the groups that you want the administrator to monitor
for incident management purposes. First, however, you must Connect Azure Active Directory to SaaS Security.
To
enable group-based incident management, you need to:
- Assign the Incident Management role to an administrator on Data Security.
- Select the Active Directory groups that you want to make visible to that Incident Management administrator.
Using teams, Data Security enables you to further customize an administrator’s access
to specific cloud apps.
- Create an administrator account.As you create the account:
- Assign the administrator Incident Management role.This role limits the permissions for this administrator on Data Security.Choose the AD Groups to limit Directory Group Visibility and Save your changes.
![]()
Save the new account when you’re done choosing among the other options.Invite your Incident Management administrator to log in.When the incident management administrator logs in to SaaS Security, while they have limited access to most of the interface, they will be able to view asset details for the incidents generated by users who belong to the AD groups you included above.
