
Alert for new accounts and redirect users away from not-permitted apps

Use this rule to steer employees toward approved tools when they sign up for an app your organization doesn't permit — like redirecting someone from ChatGPT to your approved AI tool, or from Dropbox to Google Drive.

Written by Velizar Demirev
Updated today

When to use this rule

  • You have specific apps marked as Not Permitted and a preferred alternative for each

  • You want users to hear about the approved option immediately - not days later in a follow-up conversation

  • You want your team alerted when someone signs up for a not-permitted app so you can track how often it happens

Key distinction: This is an Account rule, not an App rule. It triggers when someone creates a new account for an app that's already in your inventory. If the app has never been seen before, that's a new app - and it's handled by your new app discovery rule instead.

Prerequisite: You need to have set not permitted approval statuses on the relevant apps before this rule will work. If you haven't done that yet, see Define your SaaS landscape.

How to set it up

  1. Go to Automations → Rules in the left nav

  2. Click Create New Rule

  3. Select the Account tile

  4. Click Add Condition and select New Account for App

  5. Choose the specific not-permitted app (e.g., OpenAI)

  6. Add your actions:

Nudge the end user toward the approved alternative

Action: Nudge the end user

  • Click Add Action → Nudge

  • Select Provide alternative app

  • Enter the name of the approved alternative (e.g., Gemini, Google Drive, Zoom)

The user receives a message explaining that the app they signed up for isn't permitted by your organization, along with a direct pointer to the approved alternative. The tone is informational, not punitive - it tells them where to go, not that they did something wrong.

Alert your team that someone signed up for a not-permitted app

Action: Email alert (to you or a team member)

  • Click Add Action → Email

  • Enter recipient email addresses

  • Add multiple recipients by adding additional email actions

Action: Slack channel alert (follow the same instructions for Teams channel alerts)

  • Click Add Action → Slack Channel

  • Select the channel you want to send the alert to

  • Add multiple channels by adding additional Slack channel actions

Action: Slack user alert (follow the same instructions for Teams user alerts)

  • Click Add Action → Slack User

  • Select the user you want to send the alert to

  • Add multiple users by adding additional Slack user actions

The option to select Slack or Teams channels/users will only appear after you've connected your Slack/Teams org to your Nudge Security instance.

Action: Webhook (use this to surface an alert to a SIEM tool or ticketing tool like Jira)

  • Click Add Action → Webhook

  • Paste in the webhook URL

  • Add multiple webhooks by adding additional webhook actions

Once you're all set, make sure to click the Save rule button.
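A receiving endpoint for the Webhook action, as an added example that is not Nudge Security's code. It assumes you control the URL pasted into the rule and embed a random token in its path; the `/nudge/` path, the `TOKEN` value and the output field names are hypothetical. The payload schema is not given on this page, so the body is forwarded unchanged as one JSON line for a SIEM shipper to pick up.

```python
import hmac
import json
from http.server import BaseHTTPRequestHandler, HTTPServer

# Assumption: a random token you generate and embed in the URL pasted into
# the rule, e.g. https://hooks.example.internal/nudge/<token> (constructed).
TOKEN = "constructed-example-token-replace-me"
MAX_BODY = 64 * 1024  # refuse oversized posts


def handle(path, body, token=TOKEN):
    """Return (http_status, siem_event_or_None) for one webhook delivery."""
    prefix = "/nudge/"
    supplied = path[len(prefix):] if path.startswith(prefix) else ""
    # Constant-time comparison so the token cannot be recovered byte by byte.
    if not hmac.compare_digest(supplied.encode(), token.encode()):
        return 404, None
    if len(body) > MAX_BODY:
        return 413, None
    try:
        payload = json.loads(body)
    except ValueError:  # covers malformed JSON and undecodable bytes
        return 400, None
    if not isinstance(payload, dict):
        return 400, None
    # Payload schema is not documented on this page, so it is forwarded as-is.
    return 200, {"source": "not-permitted-app-rule", "payload": payload}


class Hook(BaseHTTPRequestHandler):
    def do_POST(self):
        try:
            length = int(self.headers.get("Content-Length", "0"))
        except ValueError:
            length = -1
        if length < 0 or length > MAX_BODY:
            status, event = 413, None
        else:
            status, event = handle(self.path, self.rfile.read(length))
        if event is not None:
            print(json.dumps(event), flush=True)  # one JSON line per alert
        self.send_response(status)
        self.end_headers()

    def log_message(self, *args):  # keep the tokenised path out of access logs
        pass


if __name__ == "__main__":
    HTTPServer(("127.0.0.1", 8080), Hook).serve_forever()
```

Run it behind a TLS-terminating reverse proxy so the token in the URL path is not sent in cleartext.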

Build one rule per app-alternative pair

This rule targets a single not-permitted app and points to a single approved alternative, so you'll need a separate rule for each pair. Common examples:

Not-permitted app | Approved alternative
OpenAI / ChatGPT | Your approved AI tool (e.g., Gemini, Copilot, Glean)
Dropbox | Google Drive or OneDrive
Zoom | Your approved video conferencing tool
WeTransfer | Your approved file sharing tool

Start with the apps that come up most often. You can check your app inventory to see which not-permitted apps have the most accounts - those are the highest-impact rules to create first.

What happens after the rule fires

When someone creates a new account for the not-permitted app:

  1. The user receives a nudge via email explaining that the app isn't permitted and suggesting the approved alternative

  2. Your team gets an alert (email, Slack/Teams, or webhook - depending on how you configured it)

  3. You can check the user's nudge response in Automations → Nudge history to see if they acknowledged it

The nudge doesn't force the user to do anything - it's a recommendation. If someone keeps using the not-permitted app after receiving the nudge, you may want to follow up directly or pair this with a blanket delete-account nudge for all not-permitted apps.

Considerations

  • Hold off on the nudge action if you haven't introduced Nudge Security to your workforce yet. Start with alerts only so your team has visibility, then add the nudge once you've prepared your workforce. A user getting a nudge from a tool they've never heard of is confusing - context matters.

  • This rule only fires for new accounts. It won't retroactively nudge people who already had accounts before you created the rule. For existing accounts on not-permitted apps, you can send a one-time nudge manually from the app record.

  • This rule pairs with a blanket delete-account nudge for all not-permitted apps. This rule handles specific apps where you have an alternative to recommend, whereas a delete-account nudge is a blanket safety net for everything else that's not permitted. If an app triggers both, the user gets both nudges - the alternative suggestion and a delete request; the messaging reinforces the same outcome.

Tips

  • Start with your highest-volume not-permitted apps - the ones where you see the most new accounts

  • If you have the browser extension deployed, you can also enable browser nudges for not-permitted apps. This shows a prompt on the app's login or signup page before the user creates an account - a preemptive complement to this rule, which fires after signup
