The built-in Secure & Govern Power User role expands the security visibility to Egnyte Collaborate Power Users. Users assigned to the Secure & Govern Power User role, have limited views and access within Secure & Govern.
The Secure & Govern Power User role is also supported for Google Drive. These users have limited views and access within Secure & Govern functionalities, including Secure & Govern permissions, issue management, and sensitive content viewing. Power Users will solely interact with folders and handle issues where they possess folder owner permissions in the supported Google applications.
Importance of Power Users in Secure & Govern
There are several reasons and benefits of adding Power Users to Secure & Govern. Here are some of the most important reasons.
- Enhanced Access Control: Power Users bolster access control measures within Secure & Govern, ensuring that only authorized personnel can interact with sensitive content.
- Streamlined Management: By confining Power Users to relevant permissions and views, administrative tasks related to issue management and content oversight become more streamlined and efficient.
- Tightened Security: With Power Users restricted to designated areas and functionalities, the overall security posture of Secure & Govern is strengthened, minimizing the risk of unauthorized access or data breaches.
- Compliance Assurance: Incorporating Power Users into Secure & Govern helps uphold compliance standards by enforcing controlled access and oversight mechanisms for sensitive data and issues.
- Increased Productivity: The tailored access and streamlined functionalities afforded to Power Users enable them to focus on their specific tasks within Secure & Govern, leading to heightened productivity and effectiveness.
How to Add Power Users to Secure & Govern
There are two ways to add Power Users to Secure & Govern. These are described below.
Auto-Provisioning Power Users
All Power Users can be automatically provisioned to the built-in Power User role within Secure & Govern.
- To auto-provision Power Users, go to Settings -> User Management and toggle the following switch to ON.
Power User auto-provisioning is only supported for Egnyte Collaborate content sources. By default, auto-provisioning of Power Users is toggled OFF
Manually Provisioning Power Users
If not all Power Users need or require access, Power Users can be manually provisioned to Secure & Govern. The following steps are required to manually provision users in Secure & Govern:
-
Go to Settings -> User Management -> Users and click Add User.
- Search and Select the Power User to be added to Secure & Govern.
-
Select the Authentication method.
By default, users are added to the Basic Viewer role. The Basic Viewer role is a very restricted role within Secure & Govern which only allows users to comment on issues assigned to them directly.
- Select Add Role and add the Power User (Built-in) role. Click Add.
-
The user is now added to the Power User role.
As an optional step, the Basic Viewer role can be removed. This is not required since the Power User role has sufficient entitlements and keeping the Basic Viewer role doesn’t provide any additional role entitlements.
Power Users Role Entitlements within Secure & Govern
The built-in Power User role provides limited access, visibility, and controls within Secure & Govern. The Power User role entitlements provided are explained below.
To view Power User role entitlements, go to Settings -> User Management -> Roles and select the built-in Power User role:
Summary of Power User Role Entitlements
Issues
-
Users can see:
- Issues directly assigned to the user
- Issues, in folders, where they are assigned as a Data Owner
- Issues, in folders, they have owner permissions
-
Users can:
- Remediate issues
- Dismiss issues
- Reopen issues
- Delegate issues
Sensitive Content
-
Users can see:
- Sensitive content, in folders, where they are assigned as a Data Owner
- Sensitive content, in folders, where they have owner permissions
-
Users can:
- Fix Sensitive Locations
- Fix Sensitive Locations
Permissions
-
Users can see:
- Permissions, in folders, where they are assigned as a Data Owner
- Permissions, in folders, where they have owner permissions
-
Users can:
- Modify, remove, and add permissions in only the folders they own
- Modify, remove, and add permissions in only the folders they own
Power User Visibility and Controls in Secure & Govern
As explained above, Power Users will only have access to the Secure & Govern permissions, issues, and sensitive content views. Users can only see folders and manage issues where they are assigned as folder owners. What Power Users can see and do in each view is described below.
Issues View
In the Issues View, Power Users will only be able to see the following issues:
- Issues directly assigned to the user
- Issues, in folders, where they are assigned as a Data Owner
- Issues, in folders, they have owner permissions
Within the Issues View, Power Users can review and investigate issues detected within the folders under their ownership. They possess the capability to remediate, dismiss, and comment on detected issues, helping prevent and remove undesired folder access and sharing security risks. This provides Power Users the additional visibility and control needed to protect the folders they manage.
Sensitive Content View
In the Sensitive Content View, Power Users will only be able to see sensitive content in the following folders:
- Sensitive content, in folders, where they are assigned as a Data Owner
- Sensitive content, in folders, where they have owner permissions
Within the Sensitive Content View, Power Users can clearly identify and review the files containing sensitive content within the folders under their ownership. They can take remediation actions to help prevent sensitive data from being insecurely exposed in unpermitted folder locations. This provides Power Users the additional visibility and control needed to prevent sensitive data exposure in the folders they manage.
Permissions View
In the Permissions View, Power Users will only be able to see permissions in the following folders:
- Permissions, in folders, where they are assigned as a Data Owner
- Permissions, in folders, where they have owner permissions
Within the Permissions View, Power Users can examine user access and permissions specific to the folders under their ownership. They possess the capability to add, modify, or revoke permissions, thereby preventing undesired or unnecessary access to folders. Additionally, Power Users can tailor access restrictions based on the content identified in the sensitive content view. This furnishes Power Users with the extra visibility and control necessary to avert data exposure in their owned folders.
Additional Information Regarding Secure & Govern Roles and Entitlements
Role-Based Access in Egnyte Secure & Govern