Fortinet black logo

Online Help

Home FortiCASB 24.1.b Online Help
24.1.b
24.1.b
24.1.a
23.4.a
23.3.a
23.2.b
23.2.a
23.1.0
22.4.0
21.4.0
21.2.0
21.1.0
20.4.1
20.4.0
20.3.0
20.2.0
20.1.0
4.2.0
4.1.0
2.1.0

PCI - Privileged Account Activity

PCI - Privileged Account Activity

Description

Privileged Account Activity policy monitors and tracks targeted users' activities on the cloud accounts. The policy allows configuration on which user and what type of activities to be monitored.

Policy Configuration

Follow the steps below to enable and configure the policy

  1. Click on any Cloud Account drop down menu from FortiCASB dashboard, e.g. Salesforce, Office365, etc.
  2. Click on Policy drop down menu and select Compliance, then select PCI-DSS tab.
  3. Locate PCI - Privileged Account Activity and click on the right arrow key > button to expand the policy.
  4. Click On in Enabled to enabled the policy.

  5. Click on Severity level drop down menu to select the severity level (Critical, Alert, Warning, Information).

    6. Note: this policy generates both alert in Alert page and data in Compliance Report.

  6. In Event section, click to select specific event(s). To select all events instead, click on Select all events.
  7. In Monitored User section, and select user(s) to be monitored. To select all users, click Select all users.
  8. Click Save Changes to update the configurations.

After the policy is enabled and configured, whenever there is any specific activity conducted by targeted user(s), an alert will be triggered in the alert page. For more details, please refer to Alert.

Compliance report will also record any alerts generated by this policy, for more details, please see Generate Compliance Report.

Previous
Next

PCI - Privileged Account Activity

Description

Privileged Account Activity policy monitors and tracks targeted users' activities on the cloud accounts. The policy allows configuration on which user and what type of activities to be monitored.

Policy Configuration

Follow the steps below to enable and configure the policy

  1. Click on any Cloud Account drop down menu from FortiCASB dashboard, e.g. Salesforce, Office365, etc.
  2. Click on Policy drop down menu and select Compliance, then select PCI-DSS tab.
  3. Locate PCI - Privileged Account Activity and click on the right arrow key > button to expand the policy.
  4. Click On in Enabled to enabled the policy.

  5. Click on Severity level drop down menu to select the severity level (Critical, Alert, Warning, Information).

    6. Note: this policy generates both alert in Alert page and data in Compliance Report.

  6. In Event section, click to select specific event(s). To select all events instead, click on Select all events.
  7. In Monitored User section, and select user(s) to be monitored. To select all users, click Select all users.
  8. Click Save Changes to update the configurations.

After the policy is enabled and configured, whenever there is any specific activity conducted by targeted user(s), an alert will be triggered in the alert page. For more details, please refer to Alert.

Compliance report will also record any alerts generated by this policy, for more details, please see Generate Compliance Report.

Previous
Next