原則範本參考Policy template reference

適用於:Microsoft Cloud App SecurityApplies to: Microsoft Cloud App Security

本文提供 Microsoft Cloud App Security 中所包含原則範本的相關資訊。This article provides information on policy templates included in Microsoft Cloud App Security.

原則範本Policy templates

建議您盡可能以現有的範本為基礎開始建立原則,以方便使用。We recommend starting policy creation based on an existing template whenever possible for ease of use. 下表列出存在於 Microsoft Cloud App Security 中的原則範本。This table lists policy templates that exist in Microsoft Cloud App Security.

風險類別Risk category 範本名稱Template name 描述Description
雲端探索Cloud Discovery 找到的使用者有異常行為Anomalous behavior in discovered users 在找到的使用者及應用程式中偵測到異常行為時發出警示,例如:與其他使用者相較之下上傳了大量資料、與使用者歷程記錄相較之下有大型使用者交易。Alert when anomalous behavior is detected in discovered users and apps, such as: large amounts of uploaded data compared to other users, large user transactions compared to the user's history.
雲端探索Cloud Discovery 找到的 IP 位址有異常行為Anomalous behavior of discovered IP addresses 在找到的 IP 位址及應用程式中偵測到異常行為時發出警示,例如:與其他 IP 位址相較之下上傳了大量資料、與 IP 位址歷程記錄相較之下有大型應用程式交易。Alerts when anomalous behavior is detected in discovered IP addresses and apps, such as: large amounts of uploaded data compared to other IP addresses, large app transactions compared to the IP address's history.
雲端探索Cloud Discovery 共同作業應用程式合規性檢查Collaboration app compliance check 在發現新共同作業應用程式未符合 SOC2 及 SSAE 16 規範,且有超過 50 位使用者每天使用超過 50 MB 時發出警示。Alert when new collaboration apps are discovered that aren't compliant with SOC2 and SSAE 16, and are used by more than 50 users with a total daily use of more than 50 MB.
雲端探索Cloud Discovery 雲端儲存體應用程式合規性檢查Cloud storage app compliance check 在發現新雲端儲存體應用程式未符合 SOC2、SSAE 16、ISAE 3402 及 PCI DSS 規範,且有超過 50 位使用者每天使用超過 50 MB 時發出警示。Alert when new cloud storage apps are discovered that aren't compliant with SOC2, SSAE 16, ISAE 3402 and PCI DSS, and are used by more than 50 users with total daily use of more than 50 MB.
雲端探索Cloud Discovery CRM 應用程式合規性檢查CRM app compliance check 在發現新 CRM 應用程式未符合 SOC2、SSAE 16、ISAE 3402、ISO 27001 及 HIPAA 規範,且有超過 50 位使用者每天使用超過 50 MB 時發出警示。Alert when new CRM apps are discovered that aren't compliant with SOC2, SSAE 16, ISAE 3402, ISO 27001 and HIPAA, and are used by more than 50 users with a total daily use of more than 50 MB.
雲端探索Cloud Discovery 新的雲端儲存體應用程式New cloud storage app 在發現新的雲端儲存體應用程式有超過 50 位使用者每天使用超過 50 MB 時發出警示。Alert when new cloud storage apps are discovered that are used by more than 50 users with total daily use of more than 50 MB.
雲端探索Cloud Discovery 新的程式碼託管應用程式New code hosting app 在發現新的程式碼託管應用程式有超過 50 位使用者每天使用超過 50 MB 時發出警示。Alert when new code hosting apps are discovered that are used by more than 50 users with total daily use of more than 50 MB.
雲端探索Cloud Discovery 新的共同作業應用程式New collaboration app 在發現新的共同作業應用程式有超過 50 位使用者每天使用超過 50 MB 時發出警示。Alert when new collaboration apps are discovered that are used by more than 50 users with a total daily use of more than 50 MB.
雲端探索Cloud Discovery 新的 CRM 應用程式New CRM app 在發現新的 CRM 應用程式有超過 50 位使用者每天使用超過 50 MB 時發出警示。Alert when new CRM apps are discovered that are used by more than 50 users with a total daily use of more than 50 MB.
雲端探索Cloud Discovery 新的大量應用程式New high volume app 在發現新應用程式的每日總流量高於 500 MB 時發出警示。Alert when new apps are discovered that have total daily traffic of more than 500 MB.
雲端探索Cloud Discovery 新的高上傳量應用程式New high upload volume app 在發現新應用程式的每日總上傳流量高於 500 MB 時發出警示。Alert when new apps are discovered whose total daily upload traffic is more than 500 MB.
雲端探索Cloud Discovery 新的人力資源管理應用程式New Human-Resource Management app 在新發現的人力資源管理應用程式有超過 50 位使用者每天使用超過 50 MB 時發出警示。Alert when newly discovered Human-Resource Management apps are used by more than 50 users with a total daily use of more than 50 MB.
雲端探索Cloud Discovery 新的線上會議應用程式New online meeting app 在發現新的線上會議應用程式有超過 50 位使用者每天使用超過 50 MB 時發出警示。Alert when new online meeting apps are discovered that are used by more than 50 users with a total daily use of more than 50 MB.
雲端探索Cloud Discovery 新的熱門應用程式New popular app 在發現新的應用程式有超過 500 名使用者時發出警示。Alert when new apps are discovered that are used by more than 500 users.
雲端探索Cloud Discovery 新的風險應用程式New risky app 在發現新應用程式的風險分數低於 6,而且有超過 50 位使用者每天使用超過 50 MB 時發出警示。Alert when new apps are discovered with risk score lower than 6 and that are used by more than 50 users with a total daily use of more than 50 MB.
雲端探索Cloud Discovery 新的銷售應用程式New sales app 在發現新的銷售應用程式有超過 50 位使用者每天使用超過 50 MB 時發出警示。Alert when new sales apps are discovered that are used by more than 50 users with a total daily use of more than 50 MB.
雲端探索Cloud Discovery 新的廠商管理系統應用程式New vendor management system apps 在發現新的廠商管理系統應用程式有超過 50 位使用者每天使用超過 50 MB 時發出警示。Alert when new vendor management system apps are discovered that are used by more than 50 users with a total daily use of more than 50 MB.
DLPDLP 外部共用的原始程式碼Externally shared source code 在檔案包含從組織外部共用的原始程式碼時發出警示。Alert when a file containing source code is shared outside your organization.
DLPDLP 在雲端中偵測到包含 PCI 的檔案 (內建 DLP 引擎)File containing PCI detected in the cloud (built-in DLP engine) 當 Microsoft Cloud App Security 內建資料外洩防護 (DLP) 引擎在獲批准的雲端應用程式中,偵測到包含付款卡資訊 (PCI) 的檔案時發出警示。Alert when a file with payment card information (PCI) is detected by the Microsoft Cloud App Security built-in data loss prevention (DLP) engine in a sanctioned cloud app.
DLPDLP 在雲端中偵測到包含 PHI 的檔案 (內建 DLP 引擎)File containing PHI detected in the cloud (built-in DLP engine) 當 Microsoft Cloud App Security 內建資料外洩防護 (DLP) 引擎在獲批准的雲端應用程式中,偵測到包含受保護健全狀況資訊 (PHI) 的檔案時發出警示。Alert when a file with protected health information (PHI) is detected by the Microsoft Cloud App Security built-in data loss prevention (DLP) engine in a sanctioned cloud app.
DLPDLP 在雲端中偵測到包含私人資訊的檔案 (內建 DLP 引擎)File containing private information detected in the cloud (built-in DLP engine) 當 Microsoft Cloud App Security 內建資料外洩防護 (DLP) 引擎在獲批准的雲端應用程式中,偵測到包含個人資料的檔案時發出警示。Alert when a file with personal data is detected by the Microsoft Cloud App Security built-in data loss prevention (DLP) engine in a sanctioned cloud app.
威脅偵測Threat detection 來自非公司 IP 位址的管理活動Administrative activity from a non-corporate IP address 在管理員使用者從不包含在公司 IP 位址範圍類別中的 IP 位址執行管理活動時發出警示。Alert when an admin user performs an administrative activity from an IP address that isn't included in the corporate IP address range category. 先移至 [設定] 頁面設定公司的 IP 位址,並設定 [IP 位址範圍]****。First configure your corporate IP addresses by going to the Settings page, and setting IP address ranges.
威脅偵測Threat detection 從有風險的 IP 位址登入Log on from a risky IP address 在使用者從具風險的 IP 位址登入您獲批准的應用程式時發出警示。Alert when a user signs into your sanctioned apps from a risky IP address. 根據預設,[具風險的 IP 位址] 類別包含具有 [匿名 Proxy]、[TOR] 或 [殭屍網路] IP 位址標記的位址。By default, the Risky IP address category contains addresses that have IP address tags of Anonymous proxy, TOR, or Botnet. 您可以在 [IP 位址範圍] 設定頁面中,將更多 IP 位址新增到此類別。You can add more IP addresses to this category in the IP address ranges settings page.
威脅偵測Threat detection 單一使用者大量下載Mass download by a single user 在單一使用者在 1 分鐘內執行 50 次以上的下載時發出警示。Alert when a single user performs more than 50 downloads within 1 minute.
威脅偵測Threat detection 使用者嘗試登入應用程式多次失敗Multiple failed user sign-in attempts to an app 在單一使用者嘗試登入單一應用程式,並在 5 分鐘內超過 10 次失敗時發出警示。Alert when a single user tries to sign in to a single app and fails more than 10 times within 5 minutes.
威脅偵測Threat detection 潛在的勒索軟體活動Potential ransomware activity 在使用者將檔案上傳到可能受勒索軟體感染的雲端時發出警示。Alert when a user uploads files to the cloud that might be infected with ransomware.
共用控制Sharing control 檔案與個人電子郵件地址共用File shared with personal email addresses 當檔案與使用者的個人電子郵件地址共用時發出警示。Alert when a file is shared with a user's personal email address.
共用控制Sharing control 檔案與未經授權的網域共用File shared with unauthorized domain 當檔案與未經授權的網域 (例如您的競爭者) 共用時發出警示。Alert when file is shared with an unauthorized domain (such as your competitor).
共用控制Sharing control 共用數位憑證 (副檔名)Shared digital certificates (file extensions) 在公開共用包含數位憑證的檔案時發出警示。Alert when a file containing digital certificates is publicly shared. 使用此範本來協助您治理 AWS 儲存體。Use this template to help govern your AWS storage.
共用控制Sharing control 可公開存取的 S3 貯體 (AWS)Publicly accessible S3 buckets (AWS) 當公開共用 AWS S3 貯體時發出警示。Alert when an AWS S3 bucket is publicly shared.
共用控制Sharing control 過時的外部共用檔案Stale externally shared files 在外部共用檔案未修改至少6個月時發出警示。Alert when externally shared files haven't been modified for at least 6 months.

後續步驟Next steps

若您遇到任何問題,我們隨時提供協助。If you run into any problems, we're here to help. 若要取得產品問題的協助或支援,請建立支援票證To get assistance or support for your product issue, please open a support ticket.