: Enable Group-Based Incident Management
Focus
Focus

Enable Group-Based Incident Management

Table of Contents

Enable Group-Based Incident Management

Learn how to enable group-based incident management on
Data Security
.
See Common Services: Identity and Access if you are using the Cloud Management Console.
Group-based visibility requires Azure Active Directory integration, which has many benefits, including flexibility with incident management on
Data Security
.
Data Security
enables you to limit an administrator’s access to cloud assets by defining the groups that you want the administrator to monitor for incident management purposes. First, however, you must Connect Azure Active Directory to SaaS Security.
To enable group-based incident management, you need to:
  • Assign the Incident Management role to an administrator on
    Data Security
    .
  • Select the Active Directory groups that you want to make visible to that Incident Management administrator.
Using teams,
Data Security
enables you to further customize an administrator’s access to specific cloud apps.
  1. Create an administrator account.
    As you create the account:
    1. Assign the administrator Incident Management role.
      This role limits the permissions for this administrator on
      Data Security
      .
    2. Choose the
      AD Groups
      to limit Directory Group Visibility and
      Save
      your changes.
    3. Save
      the new account when you’re done choosing among the other options.
  2. Invite your Incident Management administrator to log in.
    When the incident management administrator logs in to SaaS Security, while they have limited access to most of the interface, they will be able to view asset details for the incidents generated by users who belong to the AD groups you included above.

Recommended For You