SECURECLOUD - By Coronet - Getting Started

Contents    Introduction    System Requirements    Coronet Setup    Assigning Coronet Licenses to Users    Coronet’s Endpoint Access    Coronet Protection Modes and Rules    Coronet Events

 

Introduction:

SECURECLOUD - By Coronet , is a SaaS (Software as a Service) Cybersecurity platform that provides ease of set up and can be configured in less than 3 minutes. It requires no implementation or monitoring and provides an invisible layer of protection for your cloud applications.

With an all-in-one solution that covers an organization’s DLP (Data Loss Protection) and Access Management, while also acting as a CASB (Cloud Access Security Broker).

SECURECLOUD - By Coronet is intended for SMBs (Small and Medium-sized businesses).

 

System Requirements:

SECURECLOUD - By Coronet , is a cloud-based solution. Setup and configuration are performed via a Web browser application.

SECURECLOUD  - By Coronet, includes an optional, monitoring of device security posture, requiring users to install the Coronet Client and to enroll their devices.

Current Coronet Client supported devices are:

Operating System	Version
Windows	Windows 7 and above
macOS	macOS 10.12 and above
Android	Android 4.4.2 and above
iOS	iOS 9.0 and above

 

SECURECLOUD - By Coronet , supports specific cloud editions with API access:

• Office 365 
• Google G-Suite 
• Dropbox 
• Box 
• Slack 
• Salesforce 

SECURECLOUD - By Coronet Set up:

After the SECURECLOUD - By Coronet  account has been created, the customer’s IT Administrator will need to login to the Coronet Console and complete three simple steps:

1. Connect supported cloud services.
2. Assign Coronet Licenses to users.
3. Optional: Send users a Coronet client download link.

Connecting Supported Cloud Services:

1. Sign in to the Coronet Console https://cloud.coro.net/:

2.  From the menu > CONFIGURE > Services

 3. Click on the Add Services button and select the service you wish to connect.

 

4.  Each service has step-by-step instructions with screenshots, guiding the user on how to connect the service.

5. After completing configuring each service, test the connection.

6. If the connection is successful, the service will appear in the Services list, with the status Connected:

Assigning Coronet Licenses to Users:

Once a service is connected and synced with Coronet, user email addresses are imported into the Coronet console but are not automatically assigned licenses.

Note: Coronet only monitors users that have been assigned a license.

The number of licenses that can be assigned is based on the number of user licenses the customer purchased.

 

1. Sign in to the Coronet Console: https://cloud.coro.net

2. From the main menu: MANAGE > Users

3. Check the users for which you want to assign a license. 

4. From the Bulk Actions button, click on Assign License to User 

 

5. You will receive an alert that the Licenses have been assigned. 

6. The User will be marked as being assigned a license

Un-assign Coronet user licenses:

1. Check the users you wish to un-assign licenses.

2. From the Bulk Actions button, click on Remove user’s license

 

3. You will receive an alert that the licenses have been removed

4. The license will no longer be assigned

Coronet’s Endpoint Access:

If your organization requires tracking and mitigating user device vulnerabilities (i.e., vulnerable devices with old operating systems, compromised/jailbroken devices, OS vulnerabilities, or WIFI network threats), you can send users a link to download and install the Coronet Client. After installation, the user must enroll the device to the company’s Coronet account.

1. Send the user the link to download and install the Coronet Client: https://www.coro.net/download

2. Users will need to activate the Coronet client on their device. Click here for instructions.

Coronet Protection Modes and Rules:

Coronet can identify and can automatically mitigate cybersecurity risks. There are three types of threat mitigations:

1. Silent mode (creates only Console events).
2. Alert the user
3. Alert the user and take specific mitigation actions

By default, Coronet is initially set to Discovery mode, where all the security policy rules are set to Silent mode.

Coronet is pre-configured with a set of default Rules (CONFIGURE > Rules):

In general, Coronet rules are made of several different types of rules that are divided into four categories:

1. User Behavior: “User Access” Rule (before login) and “Service Activity” Rule (after login).
2. Service Threats: “Service Threats” Rule (Malware and Ransomware) and "Email Phishing" Rule
3. Data Leakage Protection: “DLP – File Type,” “DLP – Content,” “DLP – Email” Rules
4. Endpoint Security: “Network access by threat,” “Network access by list” Rules

 

Each rule is made of the following attributes:

1. Rule type
2. Rule name
3. Rule scopes
4. Rule threat triggers
5. Rule threat mitigation actions
6. Rule notification action

Rules can be Enabled or Disabled, edited, and deleted.

The user can also create additional custom rules (based on the above types of rules).

 

After letting the system run in Discovery mode for 1-2 weeks, customers should switch to Protection mode to better protect their organization.

Coronet Events:

When a rule is triggered, an event is created. You can view the list of events under INVESTIGATE > Events

Click on an event row to display additional information

We created a Best Practices guide that can accompany such events. Its purpose is to assist the SMB to reduce events

 

The events table can be filtered by clicking on the funnel button