how do you guys handle sharing files outside the org?
You can set-up a few interesting automations and Workflows within BetterCloud to notify you of external shares
and handle accordingly
yeah i was considering whether it's feasible to use an approval workflow
generally speaking we're not against external sharing, until we are LOL
@flm369 BetterCloud does have a Wait for Approval step. I prefer more automated Workflows that have a "soft landing" in them via a Wait for Duration step. After that then remediating the sharing settings (as long as it's not some horrible PII issue). PII gets the hard cut off and a notification/ticket to relevant parties.
yeah good idea
You can also split it up by OU/Dept or whatever, so Marketing is a bit more lax than Legal/HR. Or whatever your policy is. If it doesn't exist, it provides a great way for IT/CorpEng to provide value back to the Org.
so we've got some hard and fast DLP settings for dealing with blatant PII violations, but more recently we're looking at fixing the termed employee use case. an employee might catch wind of their inevitable termination and share a bunch of non-PII stuff to a personal account ahead of it.
Yea, setting threshold alerts is also helpful.
If downloading x amount of files, open InfoSec ticket, ping Security Slack channel, etc etc
right now the best idea i have to address it is to take the OU approach as @blair mentioned and restrict external access to the offboarding OUs
our SOC gets too many alerts right now for there to be a comprehensive solution there unfortunately
Why not just use Okta group push to Jira?
Hi Dimitri! We found that there is a slight propagation delay between creating the Atlassian user and when they are viewable in the API. I would recommend adding a 1 hour wait for duration period to your workflow after the user has been created and right before you add the user to the different Jira and Confluence groups. That should help mitigate that skipping issue!https://screenshots.bettercloud.com/QwuAY8q5
If you build workflows for each team it seems like thats adding a ton more work compared to using the SCIM connector in Okta to manage groups. Especially if using a 1 workflow per team onboarding, team change and offboarding with 100 teams you now have 300 workflows to maintain vs just 1 mapping in the SCIM Push Group Okta config.
Already have an account? Login
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.
We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.