Users
Navigating to the Users Section
To access the Users section within the Access Governance module:
Navigate to the top navigation bar on the home screen.
Click on the Governance tab.
From the dropdown menu, select Access Governance.
Within the Access Governance dashboard, choose the Users tab from the left-hand panel.
The Users section within the Access Governance module provides a centralized dashboard to view and manage user distribution across departments. This helps in monitoring access patterns, identifying anomalies, and enforcing access control policies effectively.
Key Elements:
Department-wise Breakdown: Users are grouped by departments (e.g., Finance, Sales, HR, IT), allowing for quick assessment of how many users belong to each area.
User Count: Each department card displays the total number of users associated with that unit. For example:
Unknown: 15 users (largest group with undefined department assignment)
Sales: 9 users
Finance: 8 users
HR1: 8 users
Other departments like Product, Legal, Engineering, and Marketing have fewer users.
Filtering Options: Filters at the top of the interface (Departments, Employment Type, Attributes, and Attribute Sensitivity) allow narrowing down views based on:
Specific teams or business units
Full-time or contractor status
Custom user attributes
Data sensitivity levels linked to users
List View Toggle The User List View provides a tabular representation of all users within the organization who are being tracked and governed under the Access Governance framework.
Note- On the top-right corner, users can toggle between grid and list views using the layout switch icon.
Columns Displayed
Each row in the table represents a user, with the following columns:
User: Displays the username or unique identifier for the individual.
Department: Indicates the department the user is associated with.
Entities: Represents associated entities
Groups: Shows the number of access groups the user belongs to.
Employment Type: Specifies if the user is an employee, contractor, or unknown.
Datasources: Lists the data sources connected to the user, aiding in understanding data access paths.
User Details
Clicking on any department card from the Users section navigates to a detailed view listing individual user information associated with that department. This breakdown is instrumental for access governance and user auditing, offering visibility into each user's associations, privileges, and data access. For example: clicking on the Finance department card reveals detailed records of all users within that department.
Overview Tab
Each row in the table represents a user, and the following attributes are captured:
User Name: Identifies the specific user.
Department: Confirms the user's organizational unit (Finance in this view).
Entities: Number of data entities the user has access to. For example, "Himanshu Shukla" has access to 86 entities, while others show “--” (indicating no access or data unavailable).
Groups: Reflects how many access groups a user is part of. This is crucial for understanding permission inheritance.
Employment Type: Indicates whether the user is an Employee or a Contractor, a vital factor in risk and access profiling.
Datasources: Denotes the number of data sources (e.g., SharePoint, OneDrive) the user has access to.
Note: Users can export the data in CSV format by clicking the "Export CSV" button located at the top right corner of the page.
Datasources Tab
The Datasources tab within a specific group's detail view in Access Governance provides insight into the data systems or repositories to which the user has access.
Entities Tab
The Entities tab within a group’s detail view provides a breakdown of all data entities the group can access. It is divided into two sections:
Direct Access: Lists entities that the group has explicit access to on its own, without inheritance from any other group.
Access via Group: Lists entities that the group can access through a parent group or higher-level group association.
Attributes Tab
The Attributes tab under the Access Governance module provides a comprehensive view of the sensitive data attributes that a selected user has access to.
Direct access
Attribute types that a user has direct access to:
Sensitivity Summary Cards: Shows count of attributes grouped by sensitivity:
High Sensitive: 0 attribute type
Medium Sensitive: 0 attributes type
Low Sensitive: 0 attribute type
Note- In this example the user does not have direct access to any attributes
Access via Groups
This section displays the attributes that a user inherits access to via any group.
Sensitivity Summary Cards: Shows inherited attribute types grouped by sensitivity:
High Sensitive: 10 attribute types
Medium Sensitive: 16 attribute types
Low Sensitive: 4 attribute types
In this example, the user has access to multiple attributes via a group
Groups Tab
The Groups tab under the Users section provides a list of groups associated with users.
Key Features
Group List Table: Displays all groups that a user is a part of, along with the number of attributes each group grants access to.
Columns include:
Group Name (e.g., large-size-group-by-arpit, BusinessPremium)
Attributes Count – Number of attribute types the group has access to
Unresolver Alerts Tab
The Unresolved Alerts tab under the Users section displays security or compliance issues related to the selected user that have not yet been addressed. These alerts help governance teams track and act on access risks in real time.
In the above image the user has no unresolved alerts
Purpose and Utility:
Helps identify departments with large user counts, especially those with unknown or misclassified entries, which may pose governance risks.
Assists in access reviews by providing visibility into where users are concentrated and what access they might have.
Enables targeted investigation and policy enforcement by filtering based on employment type or sensitivity level.
Last updated