Feature Briefs

Cisco Umbrella Tenant Controls

Issue link: https://learn-umbrella.cisco.com/i/1272833

Contents of this Issue

Navigation

Page 1 of 1

Feature brief Cisco Umbrella © 2020 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) Tenant Controls for Security and Productivity Features: 1. Ability to explicitly allow access to corporate approved tenants of an organization's enterprise applications: By providing the domains of the tenants that are corporate approved within a tenant restriction setting, and applying this setting to an Umbrella web policy, the user is making the choice to explicitly allow access to these tenants only. 2. Ability to implicitly block access to non-approved tenants of an organization's enterprise applications: Conversely, should a tenant domain not be provided as part of the setting the user will not gain access to the respective tenant due to the implicit block applied. 3. Ability to reflect the tenant restricted activity in 3rd party vendor reporting: User's are not required to provide tenant ID's beyond the domains in order for tenant Controls to work. However, by providing tenant identifiers for O365 and Slack, reporting within the 3rd Party portals will be able to reflect tenant restricted activity. Use Cases 1. Challenge: Many security admins are only able to manage application controls at an application level. This leads to users having access to tenants of an enterprise application that are not approved in order to provide access to approved tenants of the application in question. In order to prevent access to non approved tenants the only option for a security admin would be to block access to an application entirely. Solution: Use Umbrella Tenant Controls within my organization's Web Policy. Benefit: An organization can now manage access to tenants of an enterprise application rather than just the application overall. 2. Challenge: Security admins need to ensure sensitive data that is created and stored in corporate approved instances of cloud applications, won't accidentally or maliciously be exfiltrated by users of that data to a non approved account. Solution: Provide the approved tenant domains and apply them to the appropriate Umbrella Web policies. Benefit: Ensure data being accessed in a corporate tenant of an enterprise application is no longer at risk of being exfiltrated to a non-approved instance of the same enterprise application.

Articles in this issue

Links on this page

view archives of Feature Briefs - Cisco Umbrella Tenant Controls