Adjusting Cloud Risk Scores

The Forcepoint ONE SSE cloud risk score is assessed by a weighted formula calculating all of the attributes that the app has/doesn't have along with Forcepoint ONE SSE's automated trust rating.

These weights can be adjusted at any time by an admin on the Cloud Score Weights page. You can access this page by clicking it from the navigation tree under Discovery or from clicking the link displayed under the question mark next to the applications risk score.

For each attribute you can adjust the weight to 1 or more. The higher the number the more that particular attribute will be weighted in the cloud risk score. Meaning if you weight SOC2 compliance higher than other attributes, then it means applications that possess SOC2 compliance will have a higher (better) cloud risk score than applications that don't have SOC2. You can also adjust the slider for how much Forcepoint ONE SSE's automated Trust Rating factors into the overall weighted formula for the Cloud Risk Score.

Forcepoint ONE SSE assesses the following Attributes across 4 categories:

Compliance Certifications

Cobit
CSA STAR
FedRAMP
FINRA
FIPS 140-2
FISMA
GAAP
HIPAA
HITRUST
ISAE3402
ISO 27001
ITAR
ITIL
PCI DSS 3.2
Privacy Shield
SOC 1
SOC 2
SOC 3
SOX
SP 800-53
TRUSTe

Security

Admin Action Logging
Data Sharing: File Sharing
Data Sharing: Granular Access Controls
DLP Integration
Heartbleed Patched
MFA
Password Policy
Penetration Testing
SAML SSO
SLA Present
Trusted Certificate
User Audit Trail
User can upload data

Encryption

Strong (AES 256)
Data Segregation by Tenant
TLS 1.2
Tenant Managed Keys

Legal

Data Ownership
Data Retention on Termination
DMCA
GDPR: Data Protection
GDPR: Report data breaches
GDPR: Right to erasure
GDPR: User Ownership

Trust Rating

Forcepoint ONE SSE's trust rating is assessed automatically via machine learning taking into account factors such as public signals, ownership information, usage information, etc compared across other application within their categories.