Risk & Compliance Management
-
- Set up and populate your SaaS stack
- Integrate your ERP & accounting software with Sastrify
- Tool Discovery via SSO (Single Sign-On) discovery integrations
- Set renewal dates & reminders
- Assign and modify tool owners
- Upload your SaaS documents into Sastrify
- Sastrify App Support: Assistance at your fingertip
- Roll out Sastrify across your organization
- Sastrify's commitment to security and privacy standards
-
- Google Workspace SSO integration for tool discovery
- Enhance organizational SaaS management with HRIS Integrations
- Summary tab for storing your subscription details
- Use Discovered Page to detect active subscriptions
- Tools and Spend Importer: Easily upload and visualize data in Sastrify
- Align vendor names using the Tool Matching feature
- Add Sastrify App to your Slack workspace
- Manually add a new subscription
- Bulk upload of SaaS invoices
- Forward your SaaS documents via email
- Change notification preferences
- A quick glance at your stack using the overview page
- Manage activities and collaborate using custom tasks
- Task Automation: Streamline the creation of routine tasks
- Archive or delete inactive subscriptions
-
- Get expert procurement support for new purchases and renewals
- Create procurement support using Sastrify - Jira Integration
- Scope of service: Custom benchmarking & contract eview
- Scope of service: Negotiation & renewal support
- Scope of service: Custom SaaS Optimization Advisory
- Purchase your SaaS through the SastriMarket
- Control your cloud costs with SastriCloud
-
- Utilize Usage Analytics for full usage visibility
- Integrate Pleo with Sastrify
- Validate and fine-tune spend data with the Spend feature
- How to connect Microsoft Dynamics
- How to connect Netsuite
- How to connect Quickbooks
- Import spend data from Candis to Sastrify
- Import spend data from Spendesk to Sastrify
- Import spend data from Pleo to Sastrify
- Import spend data from Moss to Sastrify
- Import spend data from DATEV to Sastrify
- Zoom Usage Analytics Integration Guide
-
- ERP & Accounting Integration FAQs
- Discovery via SSO Integration FAQs
- HRIS Integration FAQs
- Usage Analytics FAQs
- Tools and Spend Importer FAQs
- Invoices FAQs
- Achieved & Potential Savings FAQs
- What is SaaS and Sastrify's scope of work?
- Who can invite a new user?
- Who receives the renewal alerts or reminders?
- How does Sastrify work with currencies?
- Is the spend data from accounting export always up-to-date?
- How to work with benchmark prices
- When and how to involve Sastrify in a contract evaluation or negotiation?
- How does Sastrify interact with SaaS vendors?
- How do you handle confidentiality clauses in vendor contracts?
- Does Sastrify handle SaaS contract termination?
- Why is contract data essential for benchmarking and negotiation support?
-
- Connecting your accounting software with Sastrify
- How to assign Tool Owners
- What Sastrify can do for Tool Owners
- How to set renewal dates
- How to set up a company-wide renewal reminder
- How to keep your tool stack updated
- How to set up, activate, and use a Workflow
- How to invite new users to Sastrify
- How to use Procurement Initiatives for new purchase & renewal
- How to collaborate using custom tasks
- Report issues and track procurement involvements
- Best Practices on how to work with Procurement Initiatives
- How to set up direct usage analytics integration
- How to set up SSO usage analytics integrations
- How to work with the Discovered tab
- How to use subscription tags
- Walk-through of the subscription detail page
Uncover shadow IT and assess risk factors using Sastrify Radar Print
Modified on: Thu, 13 Mar, 2025 at 4:40 PM
Sastrify's Shadow IT Radar empowers IT and compliance teams to uncover, assess, and manage shadow IT within their organization. Through automated risk scoring for identified tools, this feature offers actionable insights that facilitate well-informed decision-making to reduce compliance risks, strengthen security, and boost operational effectiveness.
Using browser extensions, it finds shadow IT assets, automatically assign risk scores, and enables actions like approving, sanctioning, and getting in touch with users of those assets.
IN THIS ARTICLE
- Key Features of Shadow IT Radar
- Basic Functionality Requirements
- Accessing Shadow IT Radar and its Building Blocks
Key Features of Shadow IT Radar
- Shadow IT risk scoring: Get a comprehensive view of risk, see sanctioned tools, and track users interacting with risky tools.
- Rapid actions: Approve safe tools, sanction risky ones, and contact users of risky tools directly from your platform.
- User & tool monitoring: Get detailed views of users working with shadow IT tools, notify them of non-compliance, and track both monitored and unmonitored users for complete SaaS coverage.
Basic Functionality Requirements
For Shadow IT Radar to function at its best, all of the following steps must be completed:
- Connect to one of the HRIS integration
- Enable an admin setup of Sastrify browser extension from your Sastrify platform.
- Have your employees add and activate their Sastrify browser extension.
Accessing Shadow IT Radar and its Building Blocks
Sastrify Radar can be accessed from Risk Monitoring > Shadow IT Radar.
Within the interface of this feature, you'll find four building blocks as represented by the four tabs, each designed with a specific purpose in mind.
- Overview: Track all discovered tools with filtering by risk score and usage, take actions such as approval or sanction, and summarize shadow IT findings and user monitoring by risk and monitoring status.
- Sanctioned: View sanctioned tools and notify users with reminders to ensure compliance.
- Users: View a breakdown of users or employees, along with information about the tools they are using and their risk scores, as well as a summary of monitored and unmonitored employees and how many of them are using shadow IT and unsanctioned tools.
- Audit Trail: Review a log of all actions taken to ensure transparency and accountability.
In the following sections, we will take a closer look at each tab and the actions that can be taken or performed within it.
1. Overview Tab
- Display all tools discovered through browser extensions and SSO discovery integrations. These tools are not yet part of your existing tool stack.
- Receive a risk assessment score for each of the detected tools. The detailed scoring breakdown can be viewed by clicking the expand buttons.
- Allow filtering and sorting by risk level, date, usage frequency, and category.
- Take actions such as approving or sanctioning tools.
- Approving will move the tools from this page to the Tool Stack page.
- Sanctioning will move the tools from this page to the Sanctioned page.
- Provide a summary of total tools categorized by risk level and sanction status.
- Provide a breakdown of monitored and unmonitored users, showing which users have the Sastrify browser extension enabled and which have not.
Pro Tip: Approval and sanctioning can be performed on an individual basis or in bulk.Each line item can be expanded by clicking the expand button to view a detailed score breakdown. Scores are generated automatically by a built-in AI agent that analyzes publicly available information on vendors and products.
We categorize scores into three risk levels:
- Low Risk (0-35): Minimal risk with no significant threats to security or operations.
- Medium Risk (36-64): Moderate risk with potential issues that should be addressed.
- High Risk (65-100): Significant risk requiring immediate action to mitigate security and operational threats.
For more detailed risk score evaluation criteria, click here.
2. Sanctioned Tab
This tab contains tools that have previously been marked as sanctioned. Within this tab, you can perform the following actions:
- View sanctioned tools.
- Allow filtering and sorting by name, category, and status.
3. Users Tab
Provide a breakdown of monitored and unmonitored users, showing which users have the Sastrify browser extension enabled and which have not.
Provide a summary of shadow IT users in your organization and those using sanctioned tools.
Get a detailed breakdown at the employee level, including tools used and tools sanctioned per employee.
- Allow filtering and sorting by name, used tools, sanctioned tools, and status.
Did you find it helpful? Yes No
Send feedback