Managing Scopes for granular control of DLP alerts

In large or distributed organizations, giving administrators unrestricted access to all alerts can introduce privacy risks and compliance exposure. For example, an EMEA administrator should not routinely view alerts generated by users in APAC.

The Scope feature solves this by allowing you to define exactly which users or groups an administrator can manage within Forcepoint Data Security Cloud.

Once a Scope is assigned to an admin’s role, that administrator will only be able to view and act on DLP alerts triggered by users within their assigned Scope—nothing more.

For example, A regional IT manager responsible for EMEA is assigned a Scope that contains your EMEA user groups. This manager can review and respond to DLP alerts for EMEA users but has no visibility into alerts from other regions.

Currently, Scope-Based Access Control applies to DLP Alerts, with support for additional features planned for future releases.