The G Suite Domain Audit section gives full visibility of all G Suite users’ actions within the domain. Based on robust machine learning algorithms, Spinbackup assigns a risk level mark to every insider threat.
On the left of your dashboard press the Domain Audit button. Alternatively, press the Domain Audit button in the Recent activity section on your dashboard.
In the opened section you can see the list of all users’ actions.
The description contains the date and time of every activity, the activity risk level, the user’s name and email, type of action, the name of application, IP, country and city where the activity took place.
You can sort the list by any of the columns by pressing the corresponding ∨ button. To search for a specific activity, use the advanced search bar on the top of the page. To filter the list to view the activities of all risk levels, or only of particular ones, press the All risk levels filter button. To set the period you want to see the data for, press the calendar button.
There are four risk levels and six types of activities. Risk levels are named Info, Low, Medium and High. The risk level is assigned by the Spinbackup machine algorithm to every activity. Activities include Login, Logout, Install, Remove, Download / Transfer, and Data sharing.
If you click on the risk level of the activity or on its time, type, IP, country or city, you will see the activity details.
- Login – login activities. In the Details pop-up window you can read about this activity in more detail. For example, you can find information about successful login or failed login due to an incorrect password.
- Logout – logout activities.
- Install – installing a 3rd-party app with full account access to your corporate data. If the app can be risky to your data, Spinbackup notifies you about this.
Click on the application name for this activity in the main Domain audit section to see the application details.
Here, you can see the access level of the application and the list and description of its possible risks. The section provides information about how many users have access to the application. You can press the number of users to see the list of these users.
You can remove access to this application for all or selected users or mark it as trusted. To learn more about 3rd-party apps security section, read our 3rd-party Apps Audit article or watch the 3rd-party Apps Audit (video demo).
Remove – removing access to corporate data for a 3rd-party app for all or selected users.
- Download / Transfer – downloading data to a local device or transferring from a corporate account to a personal one.
- Data sharing – sharing data with people outside the domain or publishing it on the web (giving access to anyone on the Internet).
You can stop sharing files or folders with all or with selected users, cancel the “public on the web” access or take ownership of the file. To learn more about the Data Audit section, read our Data Audit of File Sharing article or watch the Data Audit of Shared Files (video demo).
From the Domain Audit section you can also move to any user’s real-time monitor by pressing his/her name.
Here, you can see a real-time list of all users’ activities and the list of all 3rd-party apps, connected to the user account. You can remove access directly from here.
Enjoy the full visibility of users’ actions with the Spinbackup Domain Audit section.
To learn more about the Spinbackup Domain Audit section, watch our Domain Audit (video demo).