Create an API Data Protection Policy

To discover existing data residing within your sanctioned cloud services, create an API Data Protection policy with the desired options and actions. The Netskope UI guides you through the process of configuring policies for each of your cloud apps on a single web page.

Cloud apps have unique features, so the policy options vary depending on the app you select on the top of the page. Choose the topic below for the app API connector you have configured.

For a list of supported actions per cloud app, refer to API Data Protection Policy Actions per Cloud App.

To configure a GitHub policy, follow the steps below:

1. Once you log in to the Netskope UI, navigate to Policies > API Data Protection.

2. Under the SaaS tab, click New Policy, and select the following options:

3. Under Application, select GitHub and select the GitHub app instance you created during the instance setup.

   Click Next.

4. Under Users, select the users you’d like to scan for:

   • All Users: Scans all GitHub users (including external users, if any).

   • External Users: Scans only users outside the GitHub organization.

     Click Next.

5. Under Activities > Select Activity drop-down, choose one of the following options:

   • Make Repositories Public: The policy will be triggered when one or more GitHub repository is made public.

   • User Added to Organization: The policy will be triggered when a user is added to the GitHub organization.

   • User Added to Repository: The policy will be triggered when a user is added to a GitHub repository of your choice. On choosing this option, select one or more repository.

     

     Click Next.

6. Under Action, select the Alert action. This section of the policy page specifies the action to be taken when a policy violation occurs. The Alert action generates alerts on the Skope IT > Alerts page when a policy matches.

7. Under Notification, configure the notification duration, and who to send the notification in case of a policy violation.

   1. Select None if you do not wish to send any notification.

      Or,

   2. Select the Notify once every option to specify how often to notify recipients and who to notify. Or, select Notify after each event to send a notification as soon as a violation occurs. Click on the adjacent toggle to specify a interval – 30 minutes, 60 minutes, 6 hours, 24 hours. You can send a notification to:

      • Admin: The admin email that was used during the GitHub instance setup.

      • Selected User: Specify comma separated user email addresses.

        With GitHub, if an administrator needs to be notified by email, you have to explicitly use the Select Users – Email Template option and specify the email address.

      • Optionally, you can enter an email address from whom the notification will be sent.

        

        Click Next.

8. Under Set Policy, enter the name of the policy followed by an optional description.

When finished, click Save, followed by Apply Changes. The policy that you just created will scan the GitHub organization and repositories specified based on your selections, and the action chosen occurs when there is a policy violation.