Documentation forAccess Rights Manager

Assign the administration of access rights to a Data Owner

Background / Value

One of the most important processes in improving the security situation in your organization is the delegation of access rights to managers and team leads. As an Administrator you can, in close coordination with management, nominate Data Owners and assign resources. This has the distinct advantage that management decides who should have access to what information and is involved in the process of access rights assignment.

 

Decentralize security expertise and transfer the responsibility for directory management to data owners.

organigramm

 

Define data owners and assign resources

Background / Value

Data Owners and Managers have the responsibility to protect digital resources in their departments. ARM allows you to delegate this individual responsibility effectively. The following example shows a typical configuration.

These settings can be found in the ARM configuration application. You can find more detailed information in the chapters Manage ARM users and Data Owner.

 

Step-by-step process

Start the ARM configuration application and select "Data Owner".

 

  1. Create an organizational category, for example "Marketing".
  2. Select the newly created category.
  3. Use the search field to find the desired account.
  4. Use drag & drop to move the account to the column "Data Owner".
  5. Select the desired role in the column "User role".

 

D002-03 EN Einen Data Owner definieren und ihm Ressourcen zuweisen

  1. Use drag & drop to move resources out of the "Resource selection" into the "Resources" section. You are also able to search for resources.
  2. Mark the resources as "requestable" in GrantMA.
  3. Mark the resources as "visible".
  4. Mark the resources as "changeable".

 

Enable data owners to manage permissions

Background / Value

ARM allows you to delegate different roles and responsibilities relating to user management. We recommend starting with a simple definition of a Data Owner. This Data Owner is able to see and change access rights to file servers for their employees and areas of responsibility.

These settings can be found in the ARM configuration application. You can find detailed information in the chapter Manage ARM users and Data Owner.