Remediation Email Digest

Learn how SaaS Security API can send your end users an email digest with concrete actions users can take to remediate risks.
SaaS Security API examines file activity across supported SaaS apps and identifies policy violations. SaaS Security API notifies your users when SaaS Security API detects policy violations and provides the necessary visibility within an easy-to-use email digest. SaaS Security API generates and sends an email digest once per day to the following users:
  • Asset owners—An email digest that is unique to each asset owner who has security risks, describing what actions you took, if any, and what remediation actions you want asset owners to initiate.
  • Cloud app administrators (not to be confused with you, the SaaS Security API administrator)—A compilation of all asset owners’ violations for files that reside within the cloud app that the administrator manages; therefore, equipped with this knowledge, the Cloud app administrator can remediate independently of asset owners.
Administrators who actively assess email digest performance typically discover that the number of shared files drops noticeably soon after asset owners receive an email digest. An email digest is essential so, by design, you cannot disable this capability in SaaS Security API.
You can verify that SaaS Security API sent the email digest for a given policy violation by observing the actions taken in the Remediation Activity logs.
The goal of this email digest is to educate and encourage immediate remediation. The email digest contains one or two reports:
  • Files to Review
    —When a security issue is found, this email digest provides a description of the asset, the type of security risk, and the action that the asset owner (or Cloud app administrator) can take to remediate the risk.
    • How many files does an asset owner need to remediate?—Number of files in need to remediation displays in this section and directly corresponds to the violation counter located in the email digest banner. The violation counter acts like a scorecard, motivating asset owners to take action.
    • What does an asset owner need to do to remediate?—The email digest provides asset owners a
      Recommendation
      that describes the action the user can take to remediate the violation. You can modify this descriptor when you Add a New Asset Rule.
    • How does an asset owner quickly locate the file?—The email digest displays the filename.
  • Actions Taken
    —When a risk is automatically remediated, this reports provides a description of the asset, the type of security risk, and the action taken.
As soon as a policy violation triggers an incident for an email digest, SaaS Security API queues those records until the end of the day, then generates and sends the email digest around midnight or later depending on traffic and volume. Therefore, if an asset owner shares a file, then retracts later in the day, the remediated incident remains in the asset owner’s email digest until SaaS Security API generates the next email digest.
Although you cannot change the design, you can change the content.
  1. Select
    Settings
    Remediation Email Digest
    .
  2. Update the
    Subject
    and
    Body
    content as desired. Consider the following recommendations:
    • Personalize your tone: imagine you’re having a face-to-face dialogue with the asset owner.
    • Provide a concise and striking subject heading. The default subject is
      Exposure Risk Summary
      and is highly effective at attracting an asset owner’s attention.
    • Keep the email body brief. Include a call-to-action statement in the email body. You can use any of the variables outlined in Create a Custom Email Template.
    • Communicate the benefits and risks to public sharing. Include internal links to company support articles to inform asset owners of your organization’s policies and to procedures on how to change share settings for applicable Cloud apps.
    • Include your company logo.
  3. Specify sender information.
  4. Click
    Include company logo in email
    to include logo.
  5. Save
    your changes.

Recommended For You