: Analyze Inherited Exposure
Focus
Focus

Analyze Inherited Exposure

Table of Contents

Analyze Inherited Exposure

Learn about the tools Data Security provides to help you analyze inherited exposure.
This feature is currently not available in the Cloud Management Console.
Data Security enables you to investigate the scope and source of the risky behavior and identify inherited exposure. Assets can inherit exposure from:
  • Parent folders. Explore an asset’s file and folder structure using the asset tree.
  • Shared Drives (Google Drive) or Team Folders (Dropbox). Browse the membership list.

Inherited Exposure from Parent Folders

Data Security enables you to explore an asset’s hierarchy. After you determine the root-cause of the inherited access, you can remove the direct link on the file(s) or all direct and indirect exposures through parent folders, depending on the cloud app. You can take these actions manually or automatically.
  1. Select ExploreAssets or ExploreIncidents.
  2. Click on an asset.
  3. Locate the Explore pane or ActionsExplore.
    Wait a few seconds for the asset tree to load.
  4. Observe the icons on the assets.
    • Red exclamation point—Denotes policy violations.
    • Exposure icons—Denotes associated risks, including the creation date, file type, exposure, owner.
  5. Select any object in the asset tree to display information about assets within the same parent folder.
    To:Click on:
    Display more files in root or parent folder.
    Show more link or folder link in Directory Path
    Collapse a column.
    Hide more link or folder link in Directory Path
    Adjust the asset tree.
    Recenter link or drag the tree
    Identify the policies this asset violates and all assets that violate these same policies.
    Rule link in Incidents pane
    Return to asset tree and file information for the initial asset.
    View Asset Details link

Inherited Exposure from Shared Drives and Team Folders

Data Security provides a membership tree so you can explore the members for a given shared drive (Google Drive) or team folder (Dropbox). After you identify External users that pose a risk to your organization, you can delete them from the shared drive or team folder.
  1. Select ExploreAssets or ExploreIncidents.
  2. Click on an asset.
  3. Locate the Explore on Google or Explore on Dropbox pane.
  4. In the Name column, click on the folder or shared drive name.
  5. Identify any External members.