This guide will walk you through the process of setting up a policy to automatically revoke access to certain apps.
App Policy is only supported in Google Environments.
STEP ONE:
Login to your instance.
STEP TWO:
Select the "x Enabled" policies button to the right of the desired Cloud Environment.
STEP THREE:
Select the App Policies Tab.
STEP FOUR:
Select the Add Policy button on the bottom right of the screen.
STEP FIVE:
Properties Column:
Policies can be setup to cover many different scenarios, you can enforce policy based off of app names, categories, scopes categories, or scopes.
App Name: The specific name(s) of the apps you would like to revoke access to.
App Category: The category(s) of an app, ex: Games.
Scope Category: Enforce policy on apps that require specific API privilege(s).
Scope: Specific required scope(s) for the app.
Trust:
Select the Risk level to block, or whether or not the app is sanctioned. Risk levels are assigned to each app based off of their required scores and whether they are sanctioned or not.
Usage:
Block apps for specific users, groups, or organizational units.
Specific User(s): Block access only for these users.
User Group(s): Block access for only these groups.
Organizational Unit(s): Block access only for these OU(s).
STEP SIX:
Select a remediation action.
Revoke Access: Remove the apps access to the account.
Warn User: Send the user a warning about the app.
STEP SEVEN:
Select when you would like the policy to run.
Immediately: Run as soon as the app is detected.
Later: Either in one to three days, or one to two weeks.
STEP EIGHT:
Select who gets notified when an action is taken.
Notify User: Send the user an email when remediation occurs.
Notify Admin: Notify the admin when remediation occurs.
NOTE: Notification emails can be customized for your organization. See the Email Customization Guide.
STEP NINE:
Select the save button at the bottom of the page.