HomeDocumentation and Guides

Classifying Apps

How to Classify Apps

You can classify "Unclassified" apps automatically through a policy Response Action or manually. To classify manually, click the Classify button and choose a classification reason in one of the following two locations:

  1. In the App Grid, to the right of the app name:
  1. In the app details:

To automatically classify apps, add a response action to the appropriate Apps Firewall policy. For example, in a Trusted Access Scopes policy, any apps that meet the trusted scopes criteria are automatically classified as Trusted when Cloudlock detects the installation.

Classification Reason

When classifying an app as Banned or Trusted you must select a Classification Reason. Selecting a classification reason enables the user to categorize banned and trusted apps for auditing purposes.

App Classifications

Banned—Applications not allowed in your domain.

Apps that you do not want used in your domain by any user should be Banned. The Revoke Banned Apps policy is enabled by default and continues the workflow of revoking apps once they are banned. (See Revoking an App for more information.)

Restricted—applications approved for some, but not all users in your domain.
Apps that may be appropriate for use by some users in the environment but not others can be restricted. To restrict an app:

  1. Classify the app as Banned and provide a reason.
  2. The next window provides the option to ban the app for all users or specific users, groups or organizational units. You can also choose to ban for all users except for specific users, groups or organizational units where appropriate.
  3. Click Ok to save the classification.
    Apps will only display as Restricted after these steps are complete, as it is not one of the four standard classification options.

You can also do this in the Revoke Banned Apps policy configuration. Click on All Users and determine which users should have access revoked and which are exceptions.

Trusted—Applications approved for any user in your domain.

Apps classified as Trusted are appropriate for use by all users domain-wide in the environment. The Trusted Apps by Name policy automatically classifies apps as Trusted. You can also automatically or manually classify apps as Trusted in the Trusted Access Scopes policy.

Unclassified—Applications that have not yet been categorized.

Newly discovered apps are by default classified as Unclassified.

Under Audit—Applications that are under review and have not yet otherwise been classified.

Classifying an app as Under Audit indicates that further research or review needs to be conducted before a final classification can be decided on.