Embed Size (px)
Citation preview
Intro to SysCloud’s Next Generation
Backup, Security and Compliance Center
SysCloud Threat CenterBefore You Start: Your Organization Profile
● Before you begin using the New Generation product, enter the SysCloud application as you normally would and respond to the questions in the “Your Organization Profile” prompt
● This information will allow SysCloud to better assess your organization and its applicable threats and regulations
● Afterward, enter SysCloud and click through the quick Get Started tour
SysCloud Threat CenterOverview
● 17 Industries Supported
● 4 Modules including: Backup/Restore, DLP, Compliance, User Behavior
● 21 Compliance Laws, Policies and Requirements Covered
● 79 Metrics Included
● 3 Cloud Apps including Google Apps, Salesforce, Box
SysCloud Threat CenterThreat Center Dashboard
● The SysCloud Threat Center allows you to scan your Google Apps data and show the threats most relevant to your organization
● The Threat Center highlights risks due to user errors from Behavior, Backup & Restore, Data Loss Prevention, and Compliance modules
SysCloud Threat CenterThreat Cards
● In the Threat Center, admins can view information in individual “Threat Cards”
● Each Threat Card is a white box (“card”) with a specific threat faced by your organization
● Users can hover over Threat Cards to see the risks they face and the ways in which they can be remediated
● Users can dive deeper into Threat details including options to view items and take actions
SysCloud Threat CenterThreat Center User Behavior
● Admins can view user behavior, including suspicious logins
● Admins can drill down to see login details including failed attempts, successful logins, and their locations
SysCloud Threat Center
Threat Card Deep View
In a Threat Center deep view, admins can view full violation details, including violation date, collaborator, owner, threshold, and statusAdmins can:
● Click into the violation to see document or email previews
● Download violations for reporting purposes
● Filter results based on risk thresholds
● Take action on violations, including quarantine of documents
SysCloud Threat CenterData Loss Prevention Module
● From the Threat Center or top navigation drop down menu, users can click into the Data Loss Prevention (DLP) Module to gain sharing insights
● Data Loss Prevention monitors and reports access, sharing patterns inside and outside the organization
SysCloud Threat CenterData Loss Prevention Dashboard
From the Data Loss Prevention (DLP) Dashboard, Admins can view sharing and collaboration and monitor data leakage
Admins can:● Drill down to see where and to
whom documents are being shared
● View information by users, domains, apps, and particular documents
SysCloud DLPDomain Sharing Insights
● From sharing insights, Admins can click into violations, preview documents, filter results, and download results in CSV form for further analysis
● The view to the left is domain sharing insights, but Admins can view document and use sharing insights as well
SysCloud DLPUser Sharing Insights
● ● Under DLP menu, there is a range of reports under Reports
● Admins can drill down to sharing detail and view information by users, domains, and documents and emails
SysCloud ComplianceCompliance Module
● From the Threat Center or top navigation menu, Admins can click into the SysCloud Compliance module.
● You can initiate a compliance scan of documents, emails, and chat messages to see where and what type of information is being created and/or shared
● The Compliance module compares its scanning insights to existing regulations and finds risks
● Admins can take action by setting specific compliance policies
SysCloud CompliancePolicy Templates
● Admins can enter the Compliance module and create a policy from a number of pre-existing templates
● These templates are based on regulations and specific to industries
● Admins can select a template and activate a policy, or customize and activate a policy
● SysCloud templates monitor 21 regulations across 17 industries
SysCloud CompliancePolicy Creation
When creating policies, admins have a large degree of freedom to customize and fine-tune policy settings.
Admins can:
● Select who and what policies apply
● Write custom policy rules and conditions
SysCloud CompliancePolicy Creation Detail
Furthermore, admins can also customize:
● Who: Choose which org units to apply policies to● What : Choose which services they want policies
to cover● Applications to cover: Monitor and remediate
risks in both gmail and chat● Conditions to Monitor: Set specific conditions
for SysCloud to scan for (pre-built template patterns, keyword patterns, reg-ex patterns)
● Classification: Create risk thresholds for various conditions (low, high, and medium risk)
● Reporting: Use these thresholds to combat false positives and filter violations based on criticality
SysCloud CompliancePolicy Creation Further Detail
Actions : Admins can also build actions into their policies. When users violate policies, admins can:
● Revert sharing permissions● Quarantine documents● Auto encrypt files● Allow the users to justify their
violations (exception management)
● Approve or reject justifications● View violations in a violation
report
SysCloud Apps FirewallApps Firewall
● In the Apps Firewall module, admins can monitor third party apps installed by users into their Google Drive
● Admins can create New Policies, blocking (blacklist) and allowing (whitelist) specific third party apps
● Admins can view the 3rd Party Apps Report for a comprehensive report on 3rd party apps activity
SysCloud ToolsMessaging
● Within the Tools module, admins can customize messaging and choose who to notify of policy violations
● Admins can also select from pre-made templates to communicate with end users
SysCloud ToolsTasks
● Within the Tools module, admins can create tasks to admins for themselves and their team including completion dates
● This makes task delegation simple and lowers administrative work overload
SysCloud ToolsGoogle Drive Encryption
● Within the Tools module, admins can offer users a tool to encrypt Google Drive files
● Everyone besides the document owner will be prompted for a password when opening sensitive files
SysCloud Setup & Settings
● Admins can now assign managers to users via organization units by uploading a CSV file
● Managers are granted privileges to view and release quarantined Google Drive documents
● This allows for lower administrative workload and appropriate delegation of responsibilities
