: Enable Group-Based Incident Management
Focus
Focus

Enable Group-Based Incident Management

Table of Contents

Enable Group-Based Incident Management

Learn how to enable group-based incident management on Data Security.
See Common Services: Identity and Access if you are using the Cloud Management Console.
Group-based visibility requires Azure Active Directory integration, which has many benefits, including flexibility with incident management on Data Security.
Data Security enables you to limit an administrator’s access to cloud assets by defining the groups that you want the administrator to monitor for incident management purposes. First, however, you must Connect Azure Active Directory to SaaS Security.
To enable group-based incident management, you need to:
  • Assign the Incident Management role to an administrator on Data Security.
  • Select the Active Directory groups that you want to make visible to that Incident Management administrator.
Using teams, Data Security enables you to further customize an administrator’s access to specific cloud apps.
  1. Create an administrator account.
    As you create the account:
    1. Assign the administrator Incident Management role.
      This role limits the permissions for this administrator on Data Security.
    2. Choose the AD Groups to limit Directory Group Visibility and Save your changes.
    3. Save the new account when you’re done choosing among the other options.
  2. Invite your Incident Management administrator to log in.
    When the incident management administrator logs in to SaaS Security, while they have limited access to most of the interface, they will be able to view asset details for the incidents generated by users who belong to the AD groups you included above.