Skip to content

Access permissions violation

An Access Permissions Violation ticket displays details of a violation of specified access permissions for a cloud application. Tickets are raised only where the access attempt was successful, and are presented for admin user review.

The ticket includes the location of the user and identifies the specific service involved, such as Dropbox in this instance:

image info

Admin users can specify access permissions for cloud applications through Control Panel > Cloud Security. For further information, see Setting permissions for your cloud applications.

Use the Full Details section to view the activities that triggered Coro to raise the ticket, with suspicious activities highlighted in red. In the example below, the user account has performed several activities (Download and Login on Dropbox) from different locations not permitted by the configured access permissions rules.

image info

Select ACTION to perform a range of actions related to this ticket type:

image info

Close ticket

Close this ticket as considered remediated and take no further action.

Suspend user from all cloud apps

Quarantine the user account from all cloud services to eliminate the option of account takeover.

The user's access to their accounts is suspended until a cloud application administrator (not a Coro Admin user) reactivates the user's account via the admin console of each cloud application.

Suspend user from <service>

Quarantine the user account from the specified cloud service to eliminate the option of account takeover.

The user's access to their account is suspended until an administrator (not a Coro Admin user) reactivates the user's account via the admin console of the cloud application.

Request user to sign-in to all cloud apps

Request the user to re-sign into their account on all cloud applications to eliminate the option of account takeover.

Request user to sign-in to <service>

Request the user to re-sign into their account on the specified cloud service to eliminate the option of account takeover.

Contact user

Send a direct message to the user. The original details of the ticket are included in the message.