Manage Policy for Sanctioned SaaS Apps in Data Security
Learn how Data Security policy helps you improve
your security posture.
Where Can I Use This? | What Do I Need? |
|
Or any of the following licenses that include the Data Security license:
|
Policy in Data Security is simple and aims to create an awareness of content and user actions
and minimize the risks associated with the use of sanctioned SaaS and IaaS applications.
Data Security policy enables you to monitor and enforce responsible use of assets
(files or other data) and protect against malware, malware propagation, regulatory
noncompliance, and data leaks that are caused by human errors, such as promiscuous or
inadvertent sharing, and sharing content using links without establishing an expiration
date. When Data Security detects a policy violation, it generates an alert to notify
you of an active incident related to malware, a security breach, or a compliance
violation and, if configured, takes automatic action to remediate the incident.
Data Security offers policy types that give you the controls to manage assets,
user activity, third-party apps, and security controls across all supported SaaS and
IaaS applications. A
log is generated for events that
match a policy rule when logging is enabled for the rule.
Data Security scans supported file types for supported SaaS apps. As
Data Security starts scanning your cloud apps,
monitor the
assets, content types, incidents, users, policy violations, collaborators, and domains
that the service discovers during the scan.
Asset
|
Asset policy rules enable you to identify
issues with data governance. To know about what type of content is
stored in the cloud app and who has access to it, content security
rules use data patterns and match criteria to automatically discover
activity in your sanctioned SaaS applications and remediate
incidents around data segregation, personal and financial
information, intellectual property, malware, data breaches, and
sensitive documents in your organization.
|
User Activity
|
User activity policy rules
enable you to identify abnormal behavior. To know about unusual user
activity or compliance violations, you can use match criteria to
monitor activity such as downloading or exporting data out of the
SaaS application, set the activity threshold that triggers a policy
violation, and track the IP address where the activity was
initiated.
|
Group
|
Group-based policy offers granular
enforcement of asset rules based on Active Directory user group
information.
|
Security Controls
|
Security controls policy
rules enable you to define rules that monitor email
activity in SaaS applications and proper configuration in IaaS
applications to prevent data exfiltration and exposure. These rules
unlike the content Security policy focus on administrators of an
application instead of users.
|