SaaS Security
Identify Risky Unsanctioned SaaS Apps and Users
Table of Contents
Expand All
|
Collapse All
SaaS Security Docs
Identify Risky Unsanctioned SaaS Apps and Users
Learn how to identify and remediate risky apps on SaaS Security Inline.
Where Can I Use This? | What Do I Need? |
---|---|
|
Or any of the following licenses that include the SaaS Security Inline license:
|
SaaS Security Inline provides tools to help you identify risky SaaS apps and users,
including analytics, risk scores, and reports. After you identify your
organization’s risks, you have the following solutions to increase your security
posture:
- Author and submit SaaS security policy rule recommendations to address the risks. However, before you do so, consider some guidelines.
- Identify a competing product that’s more secure. Search the Application Dictionary by Category to find a suitable replacement.
- Notify users of the unsanctioned app to use the alternative, sanctioned app. Don’t forget to tag the sanctioned SaaS app.
- Change the risk score.
- Identify opportunities to develop training for employees and internal policies.
Identify Risky SaaS Users
Although Discovered Users, displays your list of users that are using discovered SaaS apps,
not all of those uses are risky. You’ll need to observe the users in the context
of the risky SaaS apps and overall app usage (MB). For example, if you find 100
users using WeTransfer but only a few people are uploading large amounts of
data, those users are likely risky users and require more scrutiny.
- Log in to Strata Cloud Manager.Select ManageConfigurationSaaS SecurityApplications.Filter on SaaS apps with a risk score of 4 or 5.Do one of the following:
- Click on the individual SaaS apps.
- Click on the number of users for the SaaS apps.
Sort the column by Usage.Identify Risky SaaS Apps
A risk score in SaaS Security Inline enables you to make decisions about the security posture of a given app. The risk score is between 1 (low risk) and 5 (high risk) and is based on compliance attributes. Key attributes have a higher impact on the score: the score is assigned by applying different weights to each compliance attribute and calculating the score based on whether the app meets those compliance standards.- Log in to Strata Cloud Manager.Select ManageConfigurationSaaS SecurityDiscovered AppsApplications.To navigate to the Discovered Applications view, select .Sort the table by Risk in descending order.Observe the Risk score for each SaaS app in the High risk category.Risk ScoreDescription4-5High Risk — Very likely to be a risk.3Medium Risk — Moderate risk.1-2Low Risk — Unlikely to be a risk.Open the Application Detail for the SaaS app to assess the risk characteristics (compliance attributes) that contribute to this risk score.