A robust cybersecurity strategy includes user activity monitoring, scrutiny of suspicious behavior, and comprehensive risk assessment. The SpinOne platform streamlines this workflow by centralizing user activities, events, and incidents into a single pane of glass view and provides each user with a cumulative Security Risk Score (SRS).
Available on SpinOne and SpinSPM subscriptions for Google Workspace and Microsoft 365.
Overview
User Audit contains a summary of every user, including their SRS, status on SpinOne platform, and account risks. Users can be selected to view risk details for the selected user.
User Risk Details
User Risk Details contains 6 sections:
- User Information: A comparison of the user's SRS to others within the organization and to others within the same organizational unit. Additional information is included around the user's role and permissions in the selected SaaS application.
- Security Risk Score (SRS): A breakdown of activities that contribute to the user's SRS and a 14-day trend of the user's SRS.
- Data Insights: Information about the user's backup data.
- User Exposure: Information about the user's exposure from sensitive data, third party applications, and group connections
- Location: A display of the user's geographic location.
-
User Risks: Information about potential user risks and activities, separated into 6 tabs:
- Overview: A timeline of events over the last 14 days that contributed to the user's SRS.
- Activity Log: A log of all the user's activities.
- Incidents: A log of all the user's incidents that have been triggered by security policies.
- Apps: A list of all applications that the user used.
- Data: A list of all the user's data that either contains sensitive data or is shared externally.
- Posture: A list of security controls that the user should address.
Score Configuration Settings
The SRS can be tailored to your organization's risk profile by adjusting the risk weight of each activity and event. From the User Audit page, navigate to Score Configuration Settings.
Users' SRS is calculated based on three categories: Activity, Incident, and Configuration. Each category has its own tab and contains subcategories with adjustable risk weightings.