Unauthorised application usage
Use the Unauthorised application usage dashboard in Risk Monitor to see if applications in your IT estate have been accessed by users who are not authorized to do so.
Description
The rules for what departments or users are authorized to access applications are configured on the Intended Access page. Any breaches of the rules are shown on this dashboard. If no rules have been set, the dashboard will not show any data.
The key figures and charts will quickly give you insights into, for example:
-
The number and names of applications that have been accessed by unauthorized users.
-
The number of unauthorized users in a certain department of your organization.
-
The users with the highest count of unauthorized usage.
Use the table to look up information on the unauthorized usage, for example, what date a certain user last used a certain application.
You can filter the data to focus on unauthorized usage for a certain parameter. All key figures, charts, and tables will adjust to show the results filtered by the selected parameter. Use the filters to focus on, for example:
-
Unauthorized usage of a specific application.
-
Unauthorized usage by a specific department or user.
-
Unauthorized usage of vulnerable applications.
-
Unauthorized usage of applications that may contain personally identifiable information.
Related use cases
For information on related uses cases, see the following sections:
-
Find out if there has been any unauthorized usage of a certain PII risk application
-
Find out if there has been any unauthorized usage of PII risk applications
Characteristics
You can refer to the tables below for descriptions of the key figures, filters, charts, and tables on the dashboard.
Key figures
The key figures give a quick overview of the status of the unauthorized usage of applications in your IT estate.
| Key figure | Description |
|---|---|
| Unauthorised applications | The number of applications that have been accessed by unauthorized users. |
| Unauthorised users | The number of users that have used applications they are not authorized to access. |
| Unauthorised usage (users) |
Filters
Use one or more filters to focus on specific aspects of unauthorized application usage. All the key figures, charts, and tables on the page will adjust to show the results filtered by the selected parameter or parameters.
| Filter | Description |
|---|---|
| Application name | Select an application name from the list to see details of unauthorized usage of the application. Only applications that are included in a rule for intended access are displayed in the list. |
| Organization | Select an organizational unit from the list to see details of the unauthorized application usage for that organizational unit. |
| PII risk | Select True to see details of unauthorized usage of applications that may contain personally identifiable information. Select False to see details of unauthorized usage of applications that do not contain personally identifiable information. |
| User | Select a user from the list to see details about the user's unauthorized usage of applications, for example, application names and number of minutes of unauthorized usage. Only unauthorized users are displayed in the list. |
| Vulnerable application | Select True to see details of unauthorized usage of vulnerable applications. Select False to see details of unauthorized usage of applications that are not vulnerable. |
| Device name | Select a device name from the list to see details about unauthorized usage of applications installed on the device, for example, application names and users. |
Charts
Use the charts to get insights into different aspects of the unauthorized usage of applications in your IT estate.
Select a bar in a chart to focus on the unauthorized usage for that item, for example for an application, a department, or a user. All the key figures, charts, and tables on the page will adjust to show the results filtered by the selected item.
| Chart | Description |
|---|---|
| Unauthorised application usage | Shows the names of all applications that have been accessed by unauthorized users. |
| Unauthorised users - by department/OU | Groups the number of unauthorized users by department or organizational unit. |
| Unauthorised usage (minutes per run) - by user | Shows all unauthorized users and the number of minutes each user has used applications without authorization. |
Tables
Use the table to see details about the unauthorized usage of applications.
Select a column header to sort the table by that column.
| Table | Description |
|---|---|
| Application user access details | Unfiltered, the table includes all applications that have been accessed by unauthorized users. The following details are shown in the table:
|