All Collections
Alerts
Setting Up Security Alerts
Setting Up Security Alerts

A Step-by-Step Guide to Receiving Real-Time Updates on Insider Security Threats

Sarka Valkova avatar
Written by Sarka Valkova
Updated over a week ago

Tackle insider threats in real-time. Learn how to set up and customize alerts and get notified when your employees access unauthorized apps or visit specific websites.

Alerts are accessible to administrators and managers alike.

How to Set up Security Alerts

Identify and eliminate risks as soon as they arise. Creating a new alert is possible from either the Alerts page or Settings - Alerts by clicking on the 'New Alert' button.

1. Select Alert Type

After clicking the 'New Alert' button, you will be prompted to customize your alert. Start by selecting the type of alert you wish to receive real-time insights about.

Choose from:

  • Used App Alert - Select applications that have been used within your organization or choose ones that haven't been used but you'd like to be notified if any employees start using them.

  • Visited Website Alert - Specify websites that may violate your policies and receive alerts if employees access them. Alternatively, you can track unproductive websites that have been flagged within your company to uncover usage patterns.

  • Keyword detections - Triggered upon detecting certain keywords in URL or app title. Multiple keywords can be added within one alert (1000 is a limit), but an alert will be sent for each of the keywords detected. Keyword alerts allow you to detect if your workforce, for example, was searching for 'crime' on Google search, enabling you to notify the appropriate individuals accordingly.

Throughout the entire process, you will be guided by helpful tooltips.

2. Name Your Alerts

After selecting the alert type, give the alert a descriptive name. This ensures a clear understanding of the alert's purpose when you see it on the Alerts Dashboard Overview.

3. Set the Conditions

By customizing conditions based on your requirements, you can refine your alerts to meet your specific needs. For security alerts, you will be prompted to define URLs and apps that will trigger alerts.

Visited Website - Define the modifier and URLs that will trigger an alert:

  • Modifier: Choose between 'equals' or 'contains' options. If 'equals' is selected, an alert will be sent only for an exact URL match specified in the alert. If 'contains' is selected, an alert will be sent even for partial matches.

  • URLs: Define proper URLs in the appropriate format such as www.youtube.com (only 'youtube' is not sufficient).

Used App - Define the apps that will trigger an alert. Choose an application from the list that you have visited already in the Productivity Labeling or add the name of the app you haven’t used yet and get alerted when we first detect access to that application.

Keyword detections - Define the modifier and keywords that will trigger an alert:

  • Modifier: Choose between 'equals' or 'contains' options. If 'equals' is selected, an alert will be sent only for an exact keyword match specified in the alert. If 'contains' is selected, an alert will be sent even for partial matches.

  • Keywords: The minimum length criteria is 2 characters and only words can be used. Keywords are checked in the app name and URL, but characters like 'www' or only 'http' or 'https' are not considered.

    Note: Keyword detection does not include keylogging.

4. Allow Screenshot Option when Alert is Triggered

This is an option for the Visited Website alert.

If you want to capture a screenshot when a risky website is detected, select the 'Take Screenshot' option. If your organization does not have the Screenshot feature in their plan, this action will not be available when creating an alert.

Once an alert is triggered and the Screenshot option is enabled, you can view the screenshots taken as a result of alerts on the Screenshot page. You will be able to filter by Screenshot type, where you can choose only those that were triggered with the alert.

5. Decide Who Receives Notifications When and Where

  • Team & Employees: Specify the teams and employees for whom you want to set up alerts. This is based on the teams you oversee.

  • Days: Determine which days you want to set up alerts for.

  • Recipients: Determine who will receive these notifications. Recipients are also determined based on the scope. For example, if you are a manager setting up an alert, you will be the only recipient due to your scope.

6. Delivery

Determine if you want to receive in-app notifications, email notifications, or both. The delivery method is also based on the teams you oversee.

If you choose to receive alerts via email, you will receive them for all the alerts you've selected within 10 minutes of the alert being triggered.

At the bottom of the emails, clicking on Find out more will redirect the user to the Logs page, where they will find filtered alerts from the email.

Now, you are ready to click the 'Save' button and start receiving alerts! All notifications you see after clicking on the notification bell list will be sorted from newest to oldest.



👉 Learn more:
How to set up Attendance alerts

Related Articles
What is Idle time and how can I set up or edit it in Insightful?
Insightful Tracking Settings profiles
On-demand screenshots
Setting up Attendance Alerts
Productivity labeling: Auto-labeling Mode
Did this answer your question?