Lookout Product Documentation

Find answers about using and optimizing Lookout products.

Risk Factor Weight

Secure Cloud Access calculates cloud risk scores by applying the following four major risk factor attributes: security, compliance, environment, and privacy. Each attribute contains sub-attributes that are also weighted and scored. The calculation is stored in the Knowledge Base.

Because organizations have different security and compliance needs, modifications can be made to the default risk factor attribute levels by adjusting attribute weight percentages or by modifying the score itself.

By analyzing the risk distribution applied to cloud applications and by applying risk factor attribute weighting, the Knowledge Base assesses and displays the calculated risk scores for the cloud applications used in your organization. If you do not customize the risk factor attributes or the risk distribution, the Management Console displays the risk scores as calculated in the Knowledge Base.

If Lookout has enabled GDPR configurations for you, these charts will also show GDPR compliance.

Adjusting risk factor weighting might change (customize) the scores, whereas adjusting the risk distribution index changes score definitions of what is considered low, medium and high.

The Risk Factor Weight page (Administration > System Settings > Risk Factor Weight) displays the risk factor attributes and their corresponding percentages of importance. Risk factors with higher percentages represent factors of higher importance when analyzing the risk scores of cloud applications.

You can adjust the percentage of the weight factors to represent what you regard as most to least importance. For example, if an application's security factor rating is most important to your organization's needs, you can change the security weight factor to a percentage that has a greater value than the other factors. By adjusting the percentage of the security factor to a greater percentage, you increase the risk score to the cloud applications with poor security ratings.

Risk factor Category Description
Environment Evaluates the overall conditions of an application such as its hosting location, the type of data being stored, and how the data is being stored
Compliance Evaluates policy, law, and regulatory compliance
Security Evaluates an application’s security risk and vulnerability.
Privacy Evaluates the privacy policy for a cloud.

GDPR

(if enabled)

If GDPR configurations have been enabled for you, scores for GDPR compliance will also be reflected. For more information, see Configure GDPR.