The following conditions apply when accessing the Company Risk Score Report:
The Company Risk Score Report allows organizations to monitor and assess their organizational, location, and user-level risk exposure. The report analyzes the various factors that contribute to an organization's risk score, which may include recent malware outbreaks, risky user behavior and other suspicious factors. Administrators can study how their users' and company's risk score has changed over time and compare their score against their industry peer and Zscaler cloud averages.
Risk scores are calculated daily for each user, location, and company. Each user's behavior is analyzed against three groups of risk factors: pre-infection behavior (ex. blocked access to malicious destinations or content), post-infection behavior (beaconing or command, and control communications), and suspicious behavior (ex. data leak policy blocks). Risky behavior will have an effect on the score for up to seven days from occurrence. Different risk factors will also bear different weight on the score. For example, an active infection is more severe than a blocked access attempt to a blocked destination. Unauthenticated users are excluded from calculations since transactions can't be associated with an identity.
The report can be viewed in the Admin Portal (Analytics > Company Risk Score).
The report contains widgets that show the following information: