Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Associate Tags with Data Jurisdiction

  1. Last updated
  2. Save as PDF

Data Jurisdictions introduce a second layer of role-based access control to restrict user access. Administrators can use Data Jurisdictions to limit user access to subsets of Shadow IT, thereby restricting access to specific features. Users can only access data that corresponds to their assigned Jurisdiction in the Skyhigh CASB dashboard.

For Shadow IT, you can create Data Jurisdictions based on tags. These tags allow you to segment data by office location or functional group.

Once a Data Jurisdiction is created, you can assign users to it on the Users page. Users will not be aware of which Data Jurisdiction they belong to, and they will only have access to data associated with their assigned Jurisdiction in the Skyhigh CASB dashboard. This affects what users can see in Filters, My Dashboard Cards, Reports, and Charts.

For example, you could configure Data Jurisdictions to allow a user in the Mountain View Office to see and access Users and Services corresponding to that office only. The user could not see User and Service information from any other geographic location. 

Create Data Jurisdiction for Shadow IT

Perform the following steps to create a Data Jurisdiction for Shadow IT to associate it with tags:

  1. Go to Settings > User Management > Data Jurisdiction
  2. On the Data Jurisdictions page, click New Jurisdiction

    6. New Jurisdiction.png
     
  3. Click Shadow IT

    7. ShadowIT_Jurisdiction.png
     
  4. On the New Shadow IT Data Jurisdiction page, configure the following details, and then click Save:
    • Name. Enter a name for your Data Jurisdiction. 
    • Tags. Define your Data Jurisdiction by selecting one or more tags to associate it with.

      8. SelectTags_OnShadowIT.png

Edit a Data Jurisdiction

To edit a Data Jurisdiction:

  1. Go to Settings > User Management > Data Jurisdiction
  2. On the Shadow IT Jurisdictions tab, click the pencil icon next to the desired Shadow IT Jurisdiction to edit.

    10. Edit_DataJurisdiction.png
     
  3. Edit the selected Shadow IT Jurisdiction and click Save.

Set Data Jurisdiction

Once your Data Jurisdiction is defined for a tag, you can assign users to limit access to the selected Shadow IT data on the Settings > User Management > Users page. 

Perform the following steps to set a Shadow Data Jurisdiction tag to the selected users: 

  1. Go to Settings > User Management > Users.
  2. Select the checkbox for each user you wish to edit or select the checkbox in the first column to select all users.
  3. Select Actions > Set Shadow Jurisdiction.

    11. Select_UsersSet_DataJurisdiction.png
     
  4. On the Edit User, select Shadow Data Jurisdiction tab under Access Control.
  5. Select the required tag, and click Save.

    12. EditUserPage_Selecttag.png

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    1. Topic ID 874