Creating Policies for Data Protection and Application Security
For Secure Internet Access and Secure Cloud Access, you can create policies that apply to one, some, or all cloud applications in your enterprise. For each policy, you can specify:
- The types of information to which the policy should apply - for example, content that includes credit card or Social Security numbers, files that exceed a specific size, or files of a specific type.
- The users or groups of users to which the policy should apply, the folders or sites, or whether files can be shared internally, externally, or with the public.
- You can assign one or more protection models to each cloud application you onboard. These protection models enable you to apply the types of protection most needed for the data stored on those cloud applications.
- You can also create policies that control access to keys that protect encrypted data. If access to a key is blocked by a policy, users cannot access that data protected by that key.
For Secure Internet Access, you can create policies and apply them to control access to categories of websites, and to specific sites.
Creation of a policy typically involves these steps:
- Step 1. Enter a policy name and description.
- Step 2. Select content rules for the policy. Content rules are the "what" of a policy - they specify the type of content to which rules should apply, and what rule types apply to the policy. Secure Cloud Access enables you to create content rule templates that can be applied to multiple policies.
- Step 3. Select the cloud applications to which the policy should apply.
- Step 4. Define context rules, actions, and notifications for the policy. Context rules are the "who" of a policy - they specify to whom the rules apply and when. Actions are the "how" and "why" of a policy - they specify what actions must occur to address violations of the policy.
- Step 5. Confirm the policy. Save the policy settings and put the policy into effect.
Note about Slack cloud applications
When creating policies for Slack cloud applications, keep the following items in mind:
- Remove Collaborator works only for the following content and context definition:
  - Content: NONE
  - Context: Member Type
  - Data Type: Structured
- Addition of members to a channel is an independent event, which is not associated with messages, files, or any other event in the channel. (The event type is group_add_user.)
- The group_add_user event contains no content. There is no structured or unstructured data.
- Because files are org-level properties in Slack, they do not belong to any particular channel or workspace. As a result, you must select structured data as the event type.
- Member Type context: By default, Slack is a sharing cloud, and uploading a file or sending a message to a channel is in itself a sharing event. As a result, a new context (apart from the existing sharing type) is available to help manage events for Slack cloud applications.
Note about Office 365 cloud applications (OneDrive)
When files are uploaded to OneDrive, the Modified By field in OneDrive displays the name SharePoint App instead of the name of the user who uploaded the file.
Note about continuous authentication in policies
Continuous authentication must be enabled in the Management Console before it can be used in a policy. For example, if you want to include continuous authentication as a secondary action in a policy, make sure that continuous authentication is enabled in the Management Console.
If continuous authentication is selected in a policy, it cannot be disabled in the Management Console.
Note about capturing events in the Slack thick app
To capture events in the Slack thick app in forward proxy mode, you must log out of both the application and the browser and log in again to authenticate.
- Log out of all workspaces in the desktop Slack app. You can log out from the application grid.
- Log out from the browser.
- Log in to the Slack app again to authenticate.
The following sections provide step-by-step instructions for creating policies to meet your data protection needs.
- Viewing policy lists
- App Access Control (CAC) policies
- Cloud Authentication policies
- API Access policies
- Dynamic DRM policies