Josys facilitates IT Admin to identify and manage all unmanaged SaaS applications accessed by the employees through browsers or configured on devices. These unmanaged apps are detected and listed under the Discovered Apps by leveraging the Google Workspace integration and Josys Browser Extension where IT Admins can monitor or integrate these apps.
Overview of Discovered Apps
The Discovered App highlights apps used within the organization, often without formal approval or oversight (Shadow IT). With the recent enhancement of the Shadow IT feature, IT Admins gain valuable insights into discovered apps by analyzing their Risk Level, App Category, and Compliance, as shown in the below screen. This will enable the organization to proactively manage and mitigate risk caused by shadow users and unmanaged applications and create a compliant and secure digital environment. Each discovered app can be categorized using various statuses to add more clarity and control to the apps, ensuring security, compliance, and usability.
When an app is discovered in Josys, you can:
- Identify the actively used apps and those not used in your organization.
- Check the Risk Levels of the discovered apps, categorized as - High, Medium, and Low.
- Review the Compliance information to see the number of apps adhering to the compliance standards.
- Identify the apps with the same category for optimizing the cost.
- Classify the apps using various statuses such as Unclassified, Under Review, Approved, Unapproved, and Ignored to provide more clarity on the apps.
1. Identifying the Risky Discovered Apps
When an app is discovered in Josys, it is assigned a Risk Level, as shown in the following screen. The Risk Level calculates the risk associated with each discovered app and categorizes it into three levels, High, Medium, and Low.
Josys in partnership with Netskope utilizes Cloud Confidence Index™ (CCI) and leverages cutting-edge technologies to streamline the process of app risk assessment.
Here is how the risk level of the apps within Josys is calculated by utilizing Netskope CCL.
| CCL in Netskope | Risk Level in Josys |
| Low and Poor | High |
| Medium | Medium |
| Excellent and High | Low |
Let's consider an example, where App A receives a low/poor CCI score in Netsope, then App A possesses a high-risk level in Josys. This means that the lower the CCI score is, the higher the Risk Level of the app in Josys.
What is Netskope Cloud Confidence Index™ (CCI)
The Netskope Cloud Confidence Index™ (CCI) comprises cloud SaaS applications evaluated by the Netskope based on the criteria set by Cloud Security Alliance Guidance. These apps are given a CCI score which is helpful for the organization in selecting the apps and setting policies.
For detailed information on CCI, please visit Netskope's official documentation.
Josys’ partnership with Netskope ensures that you receive a detailed and reliable assessment of app risk levels based on industry-leading standards. This helps you make informed decisions about the apps used within your organization without the need for a separate Netskope license.
Note:
1. Josys users get all additional fields such as Compliance and Risk Level without purchasing a Netskope license.
2. Risk Level and Compliance information are sourced from Netskope excluding the App Category.
3. There are some applications with a category marked as '-' and a risk level labeled as "Unknown". These apps are currently pending further enhancement in our SaaS app catalog, which will be done in the upcoming months.
2. Reviewing the Apps Compliance
If you want to verify the compliance standards assigned to the Discovered App then you can do so by checking the Compliance information, as shown in the following screen.
Learn about the SaaS Compliance Attributes supported by Josys.
3. Categorize Discovered Apps
In addition to accessing the risk levels and compliance adherence of the discovered apps, it is also important for the IT Admin to understand and classify the actions to take on these apps. With numerous apps to manage, identifying the required apps can be challenging. Josys addresses such situations, by introducing a Status feature that allows the IT admin to classify these apps which highlights which action can be taken.
To classify the apps:
Step 1: Click the apps status dropdown menu and select a status for the apps.
The statuses are as follows:
- Unclassified: This is the default status for newly discovered apps, highlighting the IT Admin to review the app and classify it accordingly.
- Under Review: The app is currently under review by IT Admin.
- Approved: The app is approved by IT Admin for the employee's use.
- Unapproved: The app is not approved by IT Admin for use by the employees.
- Ignored: The apps are incorrectly displayed or deemed irrelevant by IT admins.
You can also utilize the filter above the apps to view only the apps with the selected status, allowing the IT Admin to take action as needed.
Whenever the status of the apps is changed, the corresponding count of apps in the selected status is also updated.
Note:
1. When the status of an app is changed to "Ignored", then that app will not be displayed under the "All" tabs. Instead, it will be displayed only under the "Ignored" tab.
2. Only the user assigned the role of Apps Editor or Super Admin can classify the apps.
3. The count in the Discovered Apps shows the count of "Unclassified" Apps. 
4. Take action based on the type of app
On approving any app, IT Admin can take necessary action on the app, either by integrating the app into Josys to tracking the app.
In Josys, Discovered Apps are categorized into:
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article