Skip to content
English
More support Sign in
EveryCloud
  • There are no suggestions because the search field is empty.

Netskope – User Notification for Non-Sanctioned Applications

Understanding and configuring user alert notifications when accessing unsanctioned applications

Overview

Netskope can display user notifications when a user attempts to access a non-sanctioned (unsanctioned) application. These alerts are used to inform users that the application is not approved and may be restricted by policy.

Notifications help enforce acceptable use policies while giving users visibility into why access is being flagged or blocked.

Applies to

  • Netskope Cloud Security Platform
  • CASB (Cloud Access Security Broker) policies
  • Real-time user traffic controls

What Is a Non-Sanctioned Application

A non-sanctioned application is any cloud service that:

  • Has been classified as unsanctioned by policy
  • Falls outside approved business applications
  • May pose a security or compliance risk

Examples may include:

  • Unapproved file sharing platforms
  • Shadow IT SaaS applications
  • Personal cloud storage services

When Notifications Are Triggered

User notifications are typically displayed when:

  • A user attempts to access an application marked as unsanctioned
  • A policy rule is configured with a user alert / coaching action
  • Traffic matches a real-time protection policy

Depending on policy configuration, the user may:

  • Receive a warning only
  • Be blocked from accessing the application
  • Be allowed to proceed after acknowledgement

User Experience

When triggered, the user will see:

  • A notification message explaining the restriction
  • Details about why the application is flagged
  • Possible actions (e.g. continue, cancel, or request access)

This is often referred to as user coaching, helping guide users toward approved services.

Configuration Overview

User notifications are configured within Netskope policies:

  1. Create or edit a Real-time Protection Policy.
  2. Define conditions (e.g. application = unsanctioned).
  3. Set the action to:
    • Alert
    • Block
    • Coach / User Notification
  4. Customise the notification message shown to users.
  5. Apply the policy to relevant users or groups.

Best Practices

  • Use clear, non-technical language in notification messages.
  • Provide guidance on approved alternatives where possible.
  • Avoid overusing alerts to prevent user fatigue.
  • Combine alerts with blocking for high-risk applications.

Impact

  • Improves user awareness of security policies
  • Reduces use of shadow IT applications
  • Helps enforce compliance requirements

However:

  • Excessive alerts may lead to users ignoring warnings
  • Poorly configured policies may disrupt legitimate workflows

Action Required

  • Review existing Netskope policies for unsanctioned apps.
  • Ensure user notifications are enabled where appropriate.
  • Customise messages to align with company policy.
  • Test the user experience before rolling out broadly.

Additional Information

User notifications are part of Netskope’s broader user coaching framework, which allows organisations to influence user behaviour without immediately blocking access.

For higher-risk applications, consider combining:

  • User alerts
  • Access blocking
  • Incident logging and reporting