This overview will show you the various features and functionality found on the Summary Page within Cloud Access Monitor.
TIME FRAME:
The time frame for the summary page is set in the top right of the screen. Any Boxes that are not time locked will adjust their time frame according to this setting.
Time-locked Boxes:
Some boxes on the Summary Page are not time sensitive, and will not change with the time frame. Boxes that are not time sensitive will be marked with the Time Lock Icon.
RISK:
The risk box will display all risks that have been found in your environment within the time frame. Risks found in emails will contain an envelope icon, while risks found in files will have a page icon.
More: The More link will take you to the Risks Tab, which will display all risks.
Number of Risks: Each risk type will display the number of risks associated with it. Click the number to view the risks.
Source Drop-down: The source drop-down box will allow you to filter results by their source (Email, Drive).
Secure Score (MICROSOFT ONLY):
Secure score is a total rating of your organizations security based on Microsoft's evaluation of your environment. More information can be found on the security status of your organization by clicking the More Details link.
APPS:
The Apps Box will display high level information about apps being used. Apps are divided by their risk levels, as well as by their access levels. Clicking any blue text will take you to the Apps Tab, and provide more detailed information.
Note: The Apps Box is not time sensitive and will display all app data regardless of time-frame.
EMAIL SUMMARY:
The Email Summary Box will display information about risky emails found in the specified time period. Selecting the More link will take you to the Emails Tab. Selecting any of the numbered links will display only the relevant emails.
Risk: Emails found to be containing risk such as PCI, Profanity, or PII.
Phishing: Emails found to contain known phishing links.
Malware: Emails found to contain Malware files.
Popular External Domains: The most popular outside domains within emails will be displayed.
FILE SUMMARY:
The File Summary Box will display information about the total number of files, how many were outgoing, and how many were incoming. Selecting More will take you to the Drive / Onedrive Tab, selecting any of the numbered links will display only the relevant files.
SHARE DRIVE or SHAREPOINT/TEAMS :
The Team Drive Box will display information on the total number of files within Team Drive, and how many are outgoing. Selecting the More link will take you to the Team Drive Tab.
Note: Team Drive Box is not time sensitive.
MALWARE:
The Malware Box will display all potential malware found in your environment within the time frame. Scans can show as either Malicious, Suspicious, or Unknown. Malware found in emails will be marked with an envelope icon, while malware found on drives will be marked with a page icon.
More: The more link will take you to the Malware Tab, where all malware will be displayed.
Number of Malware: Next to each scan type will be the number of malware found, and a source. Clicking a number will take you to those risks.
ACCOUNTS BOX:
The Accounts Box will display all login activity within the selected time frame. Logins will be shown on the world map, showing the different kinds of logins the occur. Selecting the More link will take you to the Accounts Tab.
Login Activity:
Suspended Accounts: The total number of suspended accounts.
Suspicious Logins: The number of suspicious logins out of total logins recorded.
Graph: The graph will display all logins, Approved, Unapproved, and Suspicious Approved / Unapproved.
Logins Map:
The Logins Map will show each login, and information about whether it was Approved, Unapproved, or suspicious. Holding the CTL Key will allow you to navigate the map.
Selecting a Location: Clicking a pin on the map will display all logins from that location. Accounts with an exclamation point have suspicious activity.
Recently Logged In Users:
The recently logged in users box will show all users that have logged in within the time frame selected.
Suspicious Logins: Suspicious logins will be displayed with an exclamation point next to them. Select an account to get more detailed login information.
SIGN IN EVENTS DROP-DOWN:
You can filter sign-in events by selecting the drop-down above the map. Select the events you would like to see, and results will be filtered.