Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Associate Tags with Data Jurisdiction

  1. Last updated
  2. Save as PDF
Limited Availability: Tag Configuration is a Limited Availability feature. To classify and manage traffic and content across Sanctioned, Shadow, and Web services using tags, contact Skyhigh Support

Data Jurisdictions restrict user access to a second layer of role-based access control. Administrators can use Data Jurisdictions to limit user access to subsets of Shadow IT to restrict user access to specific features. The users only have access to data corresponding to that Jurisdiction in the Skyhigh CASB dashboard.

For Shadow IT, you can create Data Jurisdictions based on tags. Using these tags you can segment data by office location or functional group.

Once you create a Data Jurisdiction, you can assign users to it on the Users page. Users will not know which Data Jurisdiction they belong to, and they can only access the data corresponding to the Jurisdiction in the Skyhigh CASB dashboard. It will affect what the user can see in Filters, My Dashboard Cards, Reports, and Charts.

For example, you could configure Data Jurisdictions to allow a user in the Mountain View Office to see and access Users and Services corresponding to that office only. The user could not see User and Service information from any other geographic location. 

Create Data Jurisdiction for Shadow IT

Perform the following steps to create Data Jurisdiction for Shadow IT to associate it with tags:

  1. Go to Settings > User Management > Data Jurisdiction
  2. On the Data Jurisdictions page, click New Jurisdiction

    6. New Jurisdiction.png
     
  3. Click Shadow IT

    7. ShadowIT_Jurisdiction.png
     
  4. On the New Shadow IT Data Jurisdiction page, configure the following details, and then click Save:
    • Name. Enter a name for your Data Jurisdiction. 
    • Tags. Define your Data Jurisdiction by selecting one or more tags to associate it with.

      8. SelectTags_OnShadowIT.png

Edit a Data Jurisdiction

To edit a Data Jurisdiction:

  1. Go to Settings > User Management > Data Jurisdiction
  2. On the Shadow IT Jurisdictions tab, click the pencil icon next to the desired Shadow IT Jurisdiction to edit.

    10. Edit_DataJurisdiction.png
     
  3. Edit the selected Shadow IT Jurisdiction and click Save.

Set Data Jurisdiction

Once your Data Jurisdiction is defined for a tag, you can assign users to limit access to the selected Shadow IT data on the Settings > User Management > Users page. 

Perform the following steps to set a Shadow Data Jurisdiction tag to the selected users: 

  1. Go to Settings > User Management > Users.
  2. Select the checkbox for each user you wish to edit or select the checkbox in the first column to select all users.
  3. Select Actions > Set Shadow Jurisdiction.

    11. Select_UsersSet_DataJurisdiction.png
     
  4. On the Edit User, select Shadow Data Jurisdiction tab under Access Control.
  5. Select the required tag, and click Save.

    12. EditUserPage_Selecttag.png

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    1. Topic ID 874