Create a policy to block sharing with identified external users

Create a policy to block sharing with identified external users
Prerequisites for the API protection use casesRoles/actors using the use cases
  • Tenant creation 
  • User accounts created
  • CASB API Protection connected to CSP (Cloud Service Provider)
  • CSP (Cloud Service Provider) administrator
  • Cloud governance team
  • Security Analyst

To have a set of approved/identified users, a user profile can be created. The user profile can then be included in a policy and appropriate actions can be taken based on the actions (allow/block) selected in the policy. Follow the steps below to create a user profile.

  1. From the Netskope Console UI, click on Policies > Profiles > User.
  2. Click New User Profile
  3. Provide a name in the Profile Name box.
  4. Add the users to be approved in the Users Box.  This may also be populated via CSV import.
  5. Click Save.
  6. Click Apply Changes and then Apply again to activate the policy.
vrp_api_protect_use_case15-17.jpg

To modify the internal or external sharing settings in a policy or to incorporate the desired user profiles in a policy, follow the steps shown below:

  1. From the Netskope Console UI, click on the Policies menu item, then API-Enabled Protection.
  2. Click the New Policy button.
  3. In the Application box choose the Application and Instance for the policy and click next.
  4. In the Users box, choose the desired users and click next.
  5. In the Content box, select Specific Sharing Options and check the box for Shared Externally.
  6. Click Next and the Activity  box is shown.
  7. Choose Share. Make sure all other activities are not selected. 
  8. Click Next multiple times until the Action box is shown.
  9. Set the Restrict Access level:
    1. To allow sharing with approved external users, set the Action to Restrict Access and the Restrict Access Level to ‘Allowlist User Profiles’ and select the User Profile to the one created earlier. 
    2. To block access to identified external users, set the Action to Restrict Access and the Restrict Access level to ‘Blocklist user profiles and select the User profile to the one created earlier.
    3. To block access to identified external users,  set the Action to Restrict Access and the Restrict Access level to ‘Remove Public Links’.
  10. Click Next until the Set Policy box is shown.
  11. Provide a name for the policy in the Policy Name box.
  12. Click Save. 
  13. Click Apply Changes and then Apply again to activate the policy.
vrp_api_protect_use_case15-17b.jpg
vrp_api_protect_use_case15-17c.jpg

To view the alerts triggered by the policies navigate to Skope IT > Alerts.

  1. Click Add Filter > Policy Name and choose the name of the desired policy.This shows all alerts triggered by the specified policy.

To learn more: Understanding API Protection

Share this Doc

Create a policy to block sharing with identified external users

Or copy link

In this topic ...