Enable Incident Remediation
Skyhigh CASB provides remediation for DLP incidents that a user has manually deleted. This option is only applicable to DLP policies where quarantine/delete responses are not enabled and the incidents have the status New or Opened. Incidents are marked Resolved if a member of your team deletes or removes the file or updates the files and removes sensitive content.
Prerequisites
- To enable SSO SAML for Skyhigh CASB login, see SAML Configuration. For End User Remediation, make sure to authorize all users, not just admin users. If you only have basic authentication for Skyhigh CASB, End User Remediation cannot be enabled.
- To configure data storage for remediation, see Data Storage.
Enable Incident Remediation
- Go to Policy > Policy Settings.
- Select the Incident Remediation tab.
- Toggle Autonomous Remediation to ON.
- To enable End-User Input, toggle to ON. If SSO is not configured for your tenant, you will not see this option. Then select the response for Info, Warning, Minor, Major, and Critical severity incidents.
- Click Save.