Data Owner and Permissions Review Workflow in Secure & Govern
Data Owner and Permissions Review Workflow in Secure & Govern
Properly securing your content includes regular permissions reviews to ensure only the right people have access to the right content. Egnyte recommends taking a strategic view of your folder structure, identifying the folders with the most critical content, and prioritizing permissions reviews on an organizational, and then folder, basis. A good goal is to complete permission reviews of all of your content on at least an annual basis. Permissions to more critical content might be reviewed on a more frequent basis, like monthly or quarterly.
Egnyte allows you to assign Data Owners the task of reviewing folder permissions to help take the burden off of the IT team. Data Owners usually are the people within your organization that have direct responsibility for the security of your data. They can help ensure data is protected, that the right controls are in place for access to data, that the data quality is understood, measured, and managed. These data owners can be the heads of business units or departments, or other designated staff. Obviously, you will want to make sure the Data Owners are trained on their responsibilities and know how to carry them out before proceeding.
The basic permissions review workflow is as follows:
Administrator:
- Prioritize folders and identify Data Owners. Educate Data Owners on their responsibilities and how to carry them out.
- Add Data Owner and assign to folder or folder and subfolders. Click here to learn how to set up Data Owners.
- Request review of folder or folder and subfolders. Click here for step by step instructions on how to request a permission review.
- Receive email notification that review is complete.
- Appropriately track and report completed permissions reviews
Data Owner:
- Accept Data Owner role. Attend required meetings or training to understand responsibilities and how to carry them out.
- Receive email alert notifying them of folder assignment.
- Receive email alert notifying them of permission review request.
- Click button in email alert to view the folder/subfolders for review.
- Complete reviews, adding or removing users and modifying permissions as needed. Mark folder(s) as reviewed.
- Receive email notification that review is complete.
Add Data Owners: Start by adding Data Owners to your folders. Egnyte will recommend Data Owners for each folder based on who has Owner permissions, who accesses the folder the most, or who generates links from the folder the most. You can assign Data Owners to just a top level folder, or to a top level folder all subfolders. Your Data Owners do not have to be Egnyte Secure & Govern Users. Egnyte will automatically add them as a Secure & Govern user and assign the correct permissions to enable them to manage permissions in the folders assigned to them. They will be able to access Secure & Govern directly from the email that notifies them that they were assigned to the folder or the email that requests a permissions review.
Request Permissions Reviews: Once you have Data Owners assigned, you can request a permission review and provide a deadline for completion. A permission review is basically a task you assign that asks the Data Owner to take a look at the current user permissions on a folder, or set of folders, to ensure the correct people have access and that no one has access that shouldn’t. That way, the person that is closest to the data and knows the answer to ‘who should have access?’ is the one responsible, minimizing mistakes an Administrator otherwise might make.
Data Owners Review and Modify Permissions: Data Owners will be able to add, modify, and remove permissions for most users granted permissions to a folder. Exceptions include users assigned as folder owners, and users who are part of groups. To add a user or group to a folder, click the Add Permissions button. To remove a user or group from a folder, click the three dots button on the right of the user or group and select ‘remove permissions’ from the drop down menu. Any recommended changes to users assigned as folder owners or are part of groups should be provided to the Administrator.
Data Owners Mark Folder(s) as Reviewed: Once the Data Owners have completed their reviews, they should mark the folder, or folder and all subfolders, as reviewed. This will trigger an email notification of review completion to all Administrators and the Data Owner(s) and remove the review from the system.
Conclusion: Take some of the burden off IT and assign permission review workflows to the rightful Data Owners.
Review & Approval Workflows - Check with James Allgood
Comments
Spotlight: Egnyte Reports (+ Newly Released Configuration Settings Report)
Egnyte has just released a new audit report: the configuration settings report. This report tracks changes to your domain’s configuration settings over time, providing extra oversight regarding admin actions and/or accidental changes.
Did you know Egnyte also provides a robust set of reports to ensure a 360 degree view of what’s going on in your domain? IT administrators gain peace of mind knowing full records of key actions can be generated in minutes and stored for regular reviews and audits.
There are also multiple ways to create reports—either via Egnyte’s Reports Center in the web interface, or using Egnyte’s API for audit reports. Many customers have even set up automated reporting using the Egnyte API, streamlining the creation of regular audit reports that must be submitted.
Egnyte provides the following types of reports:
Files and Folders: See storage usage in shared folders, private folders, and the trash. Easily calculate the size of specific folders and make better decisions about archival, retention, and deletion.
Storage Device Syncing: Track the sync statuses of your storage devices and Egnyte’s desktop app. Know at a glance when sync issues have occurred and quickly remediate issues that crop up.
Locked Files: Quickly view which files have been locked and easily unlock them.
Permissions: View who has permission to specific folders, or permissions to all folders that specific users and groups have.
Audit: Analyze detailed history of files and folders, track changes in permissions and configuration settings over time, review successful and unsuccessful authentication activity, look over user and group creation, updates , and deletion, and monitor workflow history.
To learn more about Egnyte’s reporting capabilities, reach out to an Egnyte representative or your CSM. Not an Egnyte customer? Chat with us today.