Using CloudSOC Access Profiles

book

Article ID: 184297

calendar_today

Updated On:

Products

CASB Security Standard CASB Security Premium CASB Security Advanced CASB Audit CASB Gateway CASB Gateway Advanced Data Loss Prevention Cloud Package

Issue/Introduction

Need a better understanding of the purpose of Access Profiles.

Resolution

Access profiles create different types of administrators with varying levels of access to:

  • CloudSOC apps
  • Cloud services and the scope of data available from each
  • Activation and deactivation of Securlets and Gatelets
  • Audit data sources
  • User identity and activity information
  • CloudSOC settings
  • Domains
  • Organization units

For example, you might create a tier 1 administrator with only read access to a basic set of CloudSOC functions, and create other tiers of administrator with greater levels of access and responsibility.

Note: You must have Sysadmin status in order to create or modify access profiles. If you have only Admin status, CloudSOC does not let you open the access profile interface. Once you create an access profile, you then assign it to one or more admins. Each admin can only have one access profile.

CloudSOC comes with a pre-defined access profile called Default Admin Profile. This profile grants a minimal amount of access privilege. You can edit the default profile, and you can also delete it if it is not the only access profile.

Access profiles also affect CloudSOC API keys. Those keys inherit the access privileges of the CloudSOC user who configured them. You can use this feature to limit API keys to specific domains, SaaS services, and CloudSOC apps by creating a CloudSOC admin user specifically to enable the API key, and assigning it an access profile that limits its access.

Note: As you work with access profiles for CloudSOC administrators, ignore the Group function that you encounter on the CloudSOC Users and Groups page. The Group function is for organizing network users who are managed by CloudSOC, and is not relevant to CloudSOC admins or system admins.