Control Access to SaaS Apps and Reduce Risks of Shadow IT
  

Darrel_IAM Lv2Posted 2019-Feb-18 10:02

Last edited by Darrel_IAM 10 Apr 2019 10:15.

=Background=

With the rise of Internet and evolution ofWeb 2.0 and HTML 5.0, increasing number of software vendors provide SaaSservices, bringing convenience as well as risks of shadow IT. Shadow IT refersto any application built and used within organizations without knowledge,approval, management of organizations and may cause hidden risks and costs.There are thousands of cloud-based applications running on the network of alarge organization and most of those applications are shadow services. Sincethey are not under the supervision of IT departments, it poses great risks andcompliance breach issues. Therefore, how to control shadow IT becomes an urgentproblem for organization information security:


   How to identify and assess SaaS application ?

   How to detect and cope with hidden risks ofShadow IT?

   How to control SaaS application?




=The Ideal Solution From Sangfor  =

Sangfor Ways of Coping With Shadow IT:Insightful Analysis and Policy-based Control


1.Discovering SaaS Applications

       Log in to admin console and navigate to "Status" > "SaaS Applications" to see the newly found SaaS applications on the network that are marked with "New".


      Discovered SaaS applications can be sorted bysanction status, number of outgoing files, outbound traffic and number ofusers.


2.  Before a SaaS application is changed tosanctioned status, it should be assessed by administrators according to needsof organization. Sanction status can be changed in either of the followingways:  

  • Changing sanction status of a SaaSapplication in SaaS Application Database tab




  • Changing sanction status of a SaaS application in Application tab





3. Access Control on Unsanctioned SaaSApplications

Step 1: Click on the Associated Policycolumn, as shown below: 



Step 2: Add access control policy by clickingon Add button on Policies page, check Applications and click Add on AccessControl page.


Step 3: Click on SaaS tag, check a specificapplication (e.g. Google Driver), and select Reject for its action, as shownbelow:


486935cad4af5dbbda.png (64.23 KB, Downloads: 1143)

486935cad4af5dbbda.png

737015cad4b0eef8a3.png (178.24 KB, Downloads: 1151)

737015cad4b0eef8a3.png

Like this topic? Like it or reward the author.

Creating a topic earns you 5 coins. A featured or excellent topic earns you more coins. What is Coin?

Enter your mobile phone number and company name for better service. Go

Faisal Posted 2021-Aug-07 10:03
  
Thank you very much for the information ...
Darrel_IAM Lv2Posted 2019-Apr-10 10:17
  
  Version release soon ,