Drill-Down to private data on detection is now available

Avanan Admins can now be limited to view messages and files content only when security engine detection is made.

Access to content allows admins to view email body and attachments, as well as collaboration platform messages and shared files. This access to data makes it possible to review data suspected as malicious and assess if the entity is clean or malicious.

While access to the data can be essential to the incident response process, it also may raise privacy concerns - allowing security admins to access all the emails and files provides them access to sensitive information.

The new configuration can limit admins from accessing data (inspect and download the email or file) only when one of the security engines that scanned the entity generates some finding on the entity - i.e. phishing, spam, malware detection and reported phishing. The admin would not be allowed to access the data when no detection is made by any of the security engines. With the new configuration, the admins are limited only to data suspected as malicious.

The new configuration is available in the User Management screen, for each user. When 'Allow drill-down into customer-data' is selected, 2 radion buttons are available: 'All User Data', and 'When Detection Exists'.