Risk & Compliance Management
-
- Set up and populate your SaaS stack
- Integrate your ERP & Accounting software with Sastrify
- Tool Discovery via SSO (Single Sign-On) discovery integrations
- Set Renewal Dates & Reminders
- Assign and modify Tool Owners
- Upload your SaaS documents into Sastrify
- Sastrify App Support: Assistance at your Fingertip
- Roll out Sastrify across your organization
- Sastrify's Commitment to Security and Privacy Standards
-
- Google Workspace SSO Integration for Tool Discovery
- Enhance organizational SaaS management with HRIS Integrations
- Summary Tab for storing your subscription details
- Use Discovered Page to detect active subscriptions
- Tools and Spend Importer: Easily upload and visualize data in Sastrify
- Align vendor names using the Tool Matching feature
- Add Sastrify App to your Slack workspace
- Manually add a new tool subscription
- Bulk upload of SaaS invoices
- Forward your SaaS documents via email
- Change notification preferences
- A quick glance at your stack using the Overview Page
- Manage activities and collaborate using custom tasks
- Task Automation: Streamline the creation of routine tasks
- Archive or delete inactive subscriptions
-
- Get Expert Procurement Support for New Purchases and Renewals
- Create and Manage Procurement Support using Sastrify - Jira Integration
- Scope of Service: Custom Benchmarking & Contract Review
- Scope of Service: Negotiation & Renewal Support
- Scope of Service: Custom SaaS Optimization Advisory
- Purchase your SaaS through the SastriMarket
- Control your cloud costs with SastriCloud
-
- Utilize Usage Analytics for full usage visibility
- Integrate Pleo with Sastrify
- Validate and fine-tune spend data with the Spend feature
- How to connect Microsoft Dynamics
- How to connect Netsuite
- How to connect Quickbooks
- Import spend data from Candis to Sastrify
- Import spend data from Spendesk to Sastrify
- Import spend data from Pleo to Sastrify
- Import spend data from Moss to Sastrify
- Import spend data from DATEV to Sastrify
- Zoom Usage Analytics Integration Guide
-
- ERP & Accounting Integration FAQs
- Discovery via SSO Integration FAQs
- HRIS Integration FAQs
- Usage Analytics FAQs
- Tools and Spend Importer FAQs
- Invoices FAQs
- Achieved & Potential Savings FAQs
- What is SaaS and Sastrify's scope of work?
- Who can invite a new user?
- Who receives the renewal alerts or reminders?
- How does Sastrify work with currencies?
- Is the spend data from accounting export always up-to-date?
- How to work with benchmark prices
- When and how to involve Sastrify in a contract evaluation or negotiation?
- How does Sastrify interact with SaaS vendors?
- How do you handle confidentiality clauses in vendor contracts?
- Does Sastrify handle SaaS contract termination?
- Why is contract data essential for benchmarking and negotiation support?
-
- Connecting your accounting software with Sastrify
- How to assign Tool Owners
- What Sastrify can do for Tool Owners
- How to set renewal dates
- How to set up a company-wide renewal reminder
- How to keep your tool stack updated
- How to set up, activate, and use a Workflow
- How to invite new users to Sastrify
- How to use Procurement Initiatives for new purchase & renewal
- How to collaborate using custom tasks
- Report issues and track procurement involvements
- Best Practices on how to work with Procurement Initiatives
- How to set up direct usage analytics integration
- How to set up SSO usage analytics integrations
- How to work with the Discovered tab
- How to use subscription tags
- Walk-through of the subscription detail page
Uncover shadow IT and assess risk factors using Sastrify Radar Print
Modified on: Tue, 4 Feb, 2025 at 7:59 PM
Sastrify Radar empowers IT and compliance teams to uncover, assess, and manage shadow IT within their organization. Through automated risk scoring for identified tools, this feature offers actionable insights that facilitate well-informed decision-making to reduce compliance risks, strengthen security, and boost operational effectiveness.
Using browser extensions and/or SSO discovery integrations, it finds shadow IT assets, automatically assign risk scores, and enables actions like approving, sanctioning, and getting in touch with users of those assets.
IN THIS ARTICLE
- Key Features of Sastrify Radar
- Basic Setup Requirements
- Accessing Sastrify Radar and its Building Blocks
Key Features of Sastrify Radar
- Shadow IT risk scoring: Get a comprehensive view of risk, see sanctioned tools, and track users interacting with risky tools.
- Rapid actions: Approve safe tools, sanction risky ones, and contact users of risky tools directly from your platform.
- User & tool monitoring: Get detailed views of users working with shadow IT tools, notify them of non-compliance, and track both monitored and unmonitored users for complete SaaS coverage.
Basic Setup Requirements
For Sastrify Radar to work, all of the following steps must be completed:
- Connect to either an SSO (Single Sign-On) discovery integration or an HRIS integration
- Enable an admin setup of Sastrify browser extension from your Sastrify platform.
- Have your employees add and activate their Sastrify browser extension.
Accessing Sastrify Radar and its Building Blocks
Sastrify Radar can be accessed from Risk Management > Radar.
Within the interface of this feature, you'll find four building blocks as represented by the four tabs, each designed with a specific purpose in mind.
- Overview: Track all discovered tools with filtering by risk score and usage, take actions such as approval or sanction, and summarize shadow IT findings and user monitoring by risk and monitoring status.
- Sanctioned: View sanctioned tools and notify users with reminders to ensure compliance.
- Users: View a breakdown of users or employees, along with information about the tools they are using and their risk scores, as well as a summary of monitored and unmonitored employees and how many of them are using shadow IT and unsanctioned tools.
- Audit Trail: Review a log of all actions taken to ensure transparency and accountability.
In the following sections, we will take a closer look at each tab and the actions that can be taken or performed within it.
1. Overview Tab
- Display all tools discovered through browser extensions and SSO discovery integrations. These tools are not yet part of your existing tool stack.
- Receive a risk assessment score for each of the detected tools. The detailed scoring breakdown can be viewed by clicking the expand buttons.
- Allow filtering and sorting by risk level, date, usage frequency, and category.
- Take actions such as approving or sanctioning tools.
- Approving will move the tools from this page to the Tool Stack page.
- Sanctioning will move the tools from this page to the Sanctioned page.
- Provide a summary of total tools categorized by risk level and sanction status.
- Provide a breakdown of monitored and unmonitored users, showing which users have the Sastrify browser extension enabled and which have not.
Pro Tip: Approval and sanctioning can be performed on an individual basis or in bulk.Each line item can be expanded by clicking the expand button to view a detailed score breakdown. Scores are generated automatically by a built-in AI agent that analyzes publicly available information on vendors and products.
We categorize scores into three risk levels:
- Low Risk (0-35): Minimal risk with no significant threats to security or operations.
- Medium Risk (36-64): Moderate risk with potential issues that should be addressed.
- High Risk (65-100): Significant risk requiring immediate action to mitigate security and operational threats.
For more detailed risk score evaluation criteria, click here.
2. Sanctioned Tab
- View sanctioned tools.
- Allow filtering and sorting by name, category, and status.
- Perform later approvals when specific sanctioned tools are approved for organizational use
- Notify users who are using or are associated to certain tools and send reminders to ensure compliance.
When the "Notify Users" button is clicked, the Sastrify admin can send an email notification to users or employees using the sanctioned tool.
3. Users Tab
Provide a breakdown of monitored and unmonitored users, showing which users have the Sastrify browser extension enabled and which have not.
Provide a summary of shadow IT users in your organization and those using sanctioned tools.
Use the notification option to:
- Contact shadow IT users to address unauthorized tool usage.
- Remind sanctioned tool users to discontinue use.
- Notify unmonitored users to add and activate the browser extension.
4. Audit Trail Tab
- Review a log of all actions taken to track changes and decisions to ensure transparency and accountability for all performed actions.
- View the details of each action as well as the associated tools that are impacted.
Did you find it helpful? Yes No
Send feedback