Data security: What is risk level in Safetica NXT

In Safetica NXT, each event is assigned one of four risk levels (high-risk, medium-risk, low-risk, or info) based on various factors that determine how likely it is to cause a data leak. For example, sending data via instant messaging might be a low-risk event, while uploading data from a network drive to webmail should be considered a high-risk operation.

To see which policies were triggered and what other reasons (such as sensitive content found or activities detected outside working hours) are there to classify an event as high, medium, or low-risk, hover the mouse on the risk level of that event.

reason details

The same info can also be found in the Risk analysis tab of each event detail:

risk_analysis

How to recognize risky events?

Individual risk levels are indicated by colors - from grey for Info events to red for High-risk events.

High-risk events are also highlighted by a red exclamation mark in the Events per user table.

Want to learn more? Read next:

How to create a new policy

Safetica NXT Data security - Policies

Safetica NXT Data security - Overview