Monitoring of access to cloud services by employees of the organization

Users with the Senior security officer role can configure the monitoring of access to cloud services by the organization’s employees. Cloud services include, for example, Microsoft Teams, Salesforce, Microsoft Office 365.

Configuring the monitoring of access to cloud services involves the following steps:

1. Enabling service discovery.

   When service discovery is enabled, Kaspersky Anti Targeted Attack Platform displays a table of all cloud services and categories available in the application database.

2. Enabling the monitoring of access to services.

   Kaspersky Anti Targeted Attack Platform registers attempts of employees of the organization to gain access to services for which monitoring is enabled. When access to the service is detected, the application creates an alert. You can find these alerts by filtering alerts by the name of the CASB technology in the table of alerts or by viewing alert information in the Alerts by technology widget.

The functionality of monitoring access to cloud services is available if the application is activated with the KATA + NDR license key.

Users with the Security auditor role can view the settings of service monitoring. Users with the Security officer role do not have access to this section of the web interface.

In distributed solution and multitenancy mode, service monitoring settings configured on a PCN are not applied to SCN servers connected to that PCN. You can configure service monitoring on each selected SCN server separately.

Page top