How can we help?

Auvik SaaS Management FAQ

Follow

What is Auvik SaaS Management?

Auvik SaaS Management is a cloud-based system that provides unprecedented insight into SaaS, desktop, and business applications. Auvik SaaS Management is a software offering of the Auvik company.

Auvik SaaS Management (ASM) was built to secure organizations by giving them insight into all the software they use and unveiling risky behaviors inside ecosystems that IT administrators are unaware of. The technology uses proprietary technology to achieve this goal, and those are outlined below.

For more information, click here.

Does ASM pick up download events?

ASM doesn’t currently pick up upload events, but it's something that Auvik is looking at in the future.

Can workflows like Alerts be set on a global level?

Yes, you can set alerts at the global level using the Set as Default option. You can also create them centrally versus having to look at specific clients - this will work for new clients and will be applied to existing clients as well.

Can ASM ignore personal credentials so that it does not flag as risks?

You can either use filters on reports to ignore personal credentials or disable the usage of tracking personal logs completely if you prefer not to see any of them. For Auvik, personal accounts are defined by the configuration of domain names for the tenant. As an example, Auvik.com vs Gmail.com. To change this setting or if you have multiple domain names, you can do so under Utilities > Domain Configuration.

Is there a way to purge some users' browser history?

ASM can remove specific apps and specific users, but there isn’t currently a way to delete security logs or deeper level data. This data will eventually expire. If you have a submission related to GDPR or removal of person, please contact Support.

Is there a way to approve app usage for certain users or groups?

Not at this time, but it may be something that will be added in the future.

How long are metadata logs stored for?

ASM’s security log data, deeper level logging and meta data with exact timestamps of SaaS events will be on a 1 year retention.

Does ASM employ key logging?

There is no key logging at all. We don’t collect passwords or any sensitive data. For more information, click here.

Can you send out a Vendor Incident email?

Yes, there is a workflow for that.

How fast does an incident report get posted after the report?

Once ASM adds them, they are live immediately. We strive to add them within 48 hours of the confirmation by the vendor of an incident.

Does ASM break down utility by application set to show the distribution of time people have in each specific source of access (e.g.: XY hours in web-based Word vs AB hours in the installed application)?

ASM has a usage metric that is gathered via the browser itself (for web based apps) and via the desktop (using Windows/MacOS apis) however ASM does not have a native report that divides it up this way currently.

Can you split multiple data identifiers into three separate applications?

It is currently not possible to split data identifiers into separate applications but it is in the plans to enable this type of functionality. Data that shares a URL or domain is available in the Identified URLs menu, so this information can be viewed at a deeper level and the unique application can still be tracked.

Can ASM break down whether an app is a paid or free version?

ASM does not dive into the licensing details today to understand if a user is using a free license or a paid license. Users could use a tag or they could add contract details to an application to ensure that data shows in the reporting.

Is there a way to move an application back to unclassified status?

We recommend that users move an application to Evaluating State for applications they are evaluating where they belong and then filter on that in the classified view.

Why can I see two accounts for the same user but with different emails?

You are seeing them as duplicate users because they don’t automatically map together due to the different domain names. ASM fuzzy mapping does the best it can but in these contexts it doesn’t. ASM has a merge feature that users can use to manually merge users like this.

How is the ASM shared credentials flag triggered?

The ASM model only marks Shared accounts if it see more than one user log into an application with the same credentials,

Does ASM work within a VDI (Virtual Desktop Infrastructure)?

Yes, the ASM agent works in VDI infrastructure, so this is a supported use case. Ultimately ASM solves the same problems in a VDI infrastructure as on a traditional workstation.

Does Auvik meet the government regulations for sending information from a SaaS agent “over the wire”?

No, ASM is not the best fit for US Federal Government governments.

Can you generate custom reports using Power BI for ASM?

There is no pre-configured integration but you can schedule them to a specific user, email or you could use the ASM API to pull that data into Power BI.

Using ASM, can you run reports for specific groups rather than the entire end-user base?

Yes, you can create the groups in Azure and import them to ASM. To do this:

  1. Log into ASM
  2. Go to Identities and Assets > Azure Groups
  3. Click Import next to the groups desired to report on

Once imported, you can run a report on the ‘Group’ within most ASM reports.

You can also do this for Google Workspace by going to:

  1. Log into ASM
  2. Go to Identities and Assets > Google Workspace
  3. Click Import next to the groups desired to report on

Do permissions set in ANM carry over to ASM?

New users outside the first user are given client admin. You disable the user's ability to access ASM by setting the default permission to No UI Access.

The SaaS Management button is only available in ANM to those that have access to the top-level subscriber tenant.

Is there a way to SSO directly into ASM rather than going to ANM and then clicking into ASM?

Authentication is centralized to the same workflow as ANM. You can access the same authentication methods via app.saaslio.com

Is there a way to see when the ASM billing period began?

The historical billing / usage details for ASM are not available in the product today. The current active users are listed. Billing starts as soon as you roll ASM out to users. For example, if you roll out a user on the 1st of the month, then billing would start next month.

Can we pay for ASM via credit card?

Yes, but ASM-only accounts need to contact Finance.

Does ASM integrate with other applications?

There are no integrations at this time. However there are APIs to access the information from ASM.

Deploying ASM remotely using Datto RMM failed for a majority of users, what went wrong?

When this occurs, it is almost always a security tool blocking ASMs connection back to the platform. A workaround you can try is to download the file directly from (debug URL) in a web browser and then run the script on the device manually. For more information, click here.

Can ASM deploy to a RDS Server that is accessed through VPN?

Yes, you can just deploy using the standard scripts.

Where are assets dropped during the agent deployment process?

Most assets will land in C:\Program Files\Saaslio. You’ll see a Saaslio-x64.exe file. Since most of the ASM model is based on the user session, this file runs upon login/unlock/ or RDP to connect a Windows device. For more information, click here.

Can ASM deploy to and capture information from Citrix environments?

Yes, as long as the Citrix instances are a Windows environment.

Will any parts of the installed agent softwares be visible in “Add / Remove Programs”?

No, ASM doesn't natively show in Add/Remove Programs. Since ASM runs as a process that is associated with the user’s active session, you will see an Auvik SaaS Management process running in the Task Manager.

Is a Mac deployment of ASM similar to a Windows deployment?

Macs are supported as well as several MDMs as well.on

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request