Apply an ARM account to a specific security role or data owner
There are two possibilities of involving data security officers and auditors in security related processes.
- Grant the user read only access to ARM.
- Define which reports are relevant and ARM will send them to the user automatically in the desired frequency.
Create a simple read-only account in ARM
Background / Value
Involve security officers in the process of access rights management by granting them read-only access. This allows them to generate their own reports.
These settings can be found in the ARM configuration application. You can find more detailed information in the chapter "Manage ARM Users".
Step-by-step process
- Start the ARM configuration application.
- Select "User Management".
- Use the search field to find the desired account.
- Use drag&drop to move the account to the right column.
- In the role column, select "Auditor".
The settings are active immediately.
Schedule reports
Background / Value
You can involve security personnel in the access rights management process by assigning reports to the appropriate security officers. ARM sends the reports in the desired frequency. The process is identical for all reports.
We recommend sending a selection of management reports to the role responsible for security. The reports are easy to read and only contain the necessary information.
ARM Management Reports:
Active Directory
Display group memberships and user account details
File server
Where do employees of a manager have access to?
Where do users and groups have access?
Exchange
Identifying mailbox permissions
SharePoint
Where do users and groups have access?
Step-by-step process
Select the desired report. Click "started manually" in the Settings area.
- Determine the frequency.
- Activate the mode Generate reports periodically.
- Click Apply.
Click Deactivated.
- Activate emails.
- Activate the option Add report as email attachment.
- Determine who should receive the email. You can enter more than one recipient.
- Click Apply.