活動隱私權Activity privacy

適用於:Microsoft Cloud App SecurityApplies to: Microsoft Cloud App Security

Microsoft Cloud App Security 可讓企業根據群組成員資格來精確地決定他們想要監視的使用者。Microsoft Cloud App Security provides enterprises with the ability to granularly determine which users they want to monitor based on group membership. 活動隱私權新增了遵循組織合規性法規的能力,而不會危及使用者隱私權。Activity privacy adds the ability to follow your organization's compliance regulations without compromising user privacy. 這是藉由在活動記錄中隱藏活動,讓您可以監視使用者,同時維持其隱私權。This is achieved by enabling you to monitor users whilst maintaining their privacy by hiding their activities in the activity log. 只有經過授權的系統管理員可選擇檢視這些私人活動,並在治理記錄中稽核每個執行個體。Only authorized admins have the option to choose to view these private activities, with each instance being audited in the governance log.

設定活動隱私權使用者群組Configure activity privacy user groups

您可能有想要監視 Cloud App Security 中的使用者,但由於合規性法規,您需要限制可進行此作業的人員。You may have users in Cloud App Security that you want to monitor but, due to compliance regulations, you need to limit the people who can do so. 活動隱私權可讓您定義依預設會隱藏活動的使用者群組。Activity privacy allows you to define a user group for which the activities will be hidden by default.

若要設定您的使用者隱私組,您必須先將 使用者群組匯入 Cloud App Security。To configure your user privacy groups, you must first import user groups to Cloud App Security. 根據預設,您會看到下列群組:By default, you'll see the following groups:

  • 應用程式 使用者群組-內建組,可讓您查看 Microsoft 365 和 Azure AD 應用程式所執行的活動。Application user group - A built-in group that enables you to see activities performed by Microsoft 365 and Azure AD applications.

  • 外部使用者 群組-不是您為組織設定之任何受控網域成員的所有使用者。External users group - All users who aren't members of any of the managed domains you configured for your organization.

  1. 在功能表列中,按一下 [設定] 齒輪,然後選取 [限 域部署和隱私權]。In the menu bar, click the settings cog and select Scoped deployment and privacy.

    設定圖示

  2. 若要設定 Cloud App Security 監視的特定群組,請在 [ 活動隱私權 ] 索引標籤中,按一下加號圖示。To set specific groups to be monitored by Cloud App Security, in the Activity privacy tab, click the plus icon. iconicon

  3. 在 [ 新增使用者群組 ] 對話方塊的 [ 選取使用者群組] 下,選取您要在 Cloud App Security 中設為私用的所有群組,然後按一下 [ 新增]。In the Add user groups dialog, under Select user groups, select all the groups you want to make private in Cloud App Security, and then click Add.

    顯示 [新增使用者群組] 對話方塊的螢幕擷取畫面

    注意

    新增使用者群組之後,群組的使用者執行的所有活動都會從該群組的使用者開始,然後再開啟。Once a user group is added, all the activities performed by users of the group will be made private from then on. 現有的活動不會受到影響。Existing activities are not affected.

指派管理員許可權以查看私用活動Assign admins permission to view private activities

  1. 在功能表列中,按一下 [設定] 齒輪,然後選取 [ 管理管理存取]。In the menu bar, click the settings cog and select Manage admin access.

    設定圖示

  2. 若要授與特定管理員許可權以查看私用活動,請在 [ 活動隱私權許可權 ] 索引標籤中,按一下加號圖示。To give specific admins permission to view private activities, in the Activity privacy permissions tab, click the plus icon. iconicon

  3. 在 [ 新增系統管理員許可權 ] 對話方塊中,輸入系統管理員的 UPN 或電子郵件地址,然後按一下 [ 新增許可權]。In the Add admin permission dialog, enter the admin's UPN or email address, and then click Add permission.

    顯示 [新增系統管理員許可權] 對話方塊的螢幕擷取畫面

    注意

    只有系統管理員可以被指派許可權,以查看私用活動。Only admins can be assigned permission to view private activities.

查看私用活動Viewing private activities

一旦系統管理員已授與適當的許可權來觀看私人活動,他們就可以選擇在活動記錄中查看這些活動。Once an admin has been granted the appropriate permission to view private activities, they have the option to choose to see these activities in the activity log.

若要查看私用活動To view private activities

  1. 在 [ 活動記錄 ] 頁面中,按一下 [活動] 資料表右邊的 [設定] 圖示,然後選取 [ 顯示私用活動]。In the Activity log page, to the right of the activity table, click the settings icon, and then select Show private activities.

    顯示活動記錄設定圖示的螢幕擷取畫面

  2. 在 [ 顯示私用活動 ] 對話方塊中,按一下 [確定] ,確認您瞭解正在審核該動作。In the Show private activities dialog, click OK to confirm that you understand that the action is being audited. 確認之後,私用活動會顯示在活動記錄中,而且該動作會記錄在治理記錄檔中。Once confirmed, the private activities are shown in the activity log and the action is recorded in the governance log.

若您遇到任何問題,我們隨時提供協助。If you run into any problems, we're here to help. 若要取得產品問題的協助或支援,請建立支援票證To get assistance or support for your product issue, please open a support ticket.