About SaaS Policy

Atmos API CASB empowers you to create custom policies that serve two critical functions:

  1. Discover Sensitive Data at Rest: With Atmos API CASB, you can define rules to automatically scan and identify sensitive data that resides within your cloud environment. Whether it's personal information, financial data, intellectual property, or other critical assets, these rules help you locate and pinpoint sensitive data, even when it's not actively being accessed or shared.
  2. Determine Protective Actions: Once sensitive data is identified, Atmos API CASB allows you to set up predefined actions to safeguard that information. These actions will help you to ensure that sensitive data is protected according to your organization's security policies and compliance requirements.
  3. Establishing a Universal Security Posture for the Organization: The SaaS policy allows you to create a standardized security framework by leveraging SaaS Integration tags and re-usable Data Security profiles.

In essence, Atmos API CASB puts you in control, enabling you to proactively manage the security of your sensitive data at rest. This empowers you to not only discover where your valuable information resides within your cloud environment but also take the necessary steps to ensure it remains safe and compliant.

About the SaaS Policy Page

To view your API CASB policies, go to Policy -> SaaS Policy.

The page contains a list of all the defined SaaS policies in your environment.

The SaaS Policy table presents the following attributes:

  • Enabled - Enables you to control whether to enable or disable the SaaS policy.
  • Name - The SaaS policy name.
  • Users - The user or user group the SaaS policy will apply for.
  • SaaS Application - The SaaS Integrations the policy will apply for. Note - You can specify more than one SaaS Integration or Tag in a policy rule which will apply the defined Data Security profiles on all integrations uniformly.
  • Security Profiles - Security profiles define which set of policies and security engines will run on the the configures SaaS Integrations. Each asset that is hosted on the SaaS Application has to comply with the entire list of security profiles, otherwise the configured action will apply.
  • Action - Any asset not compliant with the security profile will be subject to the configured policy action.

Add SaaS Policy

To configure API CASB policy rules, go to Policy -> SaaS Policy, and click on New SaaS Policy.

  1. Set the policy's Name.
  2. Set the policy criteria:
    1. Users - The users who own the files containing sensitive data.
    2. SaaS Application - Choose the SaaS integrations to which you want to apply the rule. You have the flexibility to select from the following options:
      1. All SaaS Integration
      2. SaaS Integration tags
      3. Specific SaaS Integrations
    3. Security Profiles - Select the security profiles that can detect sensitive or harmful files to be referenced by the rule.
  3. Actions: Select the action to be executed when the policy identifies content that doesn't comply with the security profiles.
    1. Alert - Generate an activity log that can be viewed in Activity Exploration table and Log streamed.
    2. Quarantine - Move the file to a restricted folder, remove permissions and update the file owner.
    3. Remove - Delete the file from the SaaS Application.

View SaaS Policies in Action

With the Activity Exploration table, you can stay informed about the actions and events occurring within your organization, empowering you to make informed decisions and ensure the security of your data and systems.

To learn more, click here.