Installer Guides

Users

Navigating to the Users Section

Users section in Access Governance

To access the Users section within the Access Governance module:

  • Navigate to the top navigation bar on the home screen.

  • Click on the Governance tab.

  • From the dropdown menu, select Access Governance.

  • Within the Access Governance dashboard, choose the Users tab from the left-hand panel.

The Users section within the Access Governance module provides a centralised dashboard to view and manage user distribution across departments. This enables effective monitoring of access patterns, identification of anomalies, and enforcement of access control policies.

Key Elements

Users Dashboard in Access Governance

  • Department-wise Breakdown: Users are grouped by departments (e.g., Finance, Sales, HR, IT), allowing for quick assessment of how many users belong to each area.

  • User Count: Each department card displays the total number of users associated with that unit.

For example:

  • Unknown: 25 users (largest group with undefined department assignment)

  • Sales: 8 users

  • Finance: 10 users

  • HR1: 8 users

  • Other departments like Product, Legal, Engineering, and Marketing have fewer users.

This visual representation allows users to quickly understand the composition and size of each department at a glance.

Filters and Customisation

At the top of the page, multiple filtering options are available to help refine the view:

  • Departments: Filters users by department.

  • Employment Type: Filters users by employment category.

  • Attributes: Applies filters based on user attributes.

  • Attribute Sensitivity: Identifies users with access to data of varying sensitivity levels.

  • All Filters: Displays a consolidated view of all applied filters, with an option to clear them using Clear all.

List View Toggle

The User List View provides a tabular representation of all users within the organisation who are being tracked and governed under the Access Governance framework.

Click on the toggle tab for list view

Note: Users can toggle between grid and list views using the layout switch icon in the top-right corner.

Columns Displayed

Users List View in Access Governance

Each row in the table represents a user, with the following columns:

  • User: Username of unique identifier.

  • Sensitive Objects: Number of high-sensitivity resources accessible to the user.

  • Total Objects: Total count of accessible resources.

  • Attribute Types: Number of access attributes grouped by sensitivity level (High Sensitive and Total).

  • Entities: Systems or applications associated with the user.

  • Employment Type: Specifies if the user is an employee, contractor, or unknown.

  • Department: Indicates the user’s department.

  • Groups: Number of groups the user belongs to.

Note: Data can be exported in CSV format using the Export CSV button at the top right corner of the page.

User Details

From the Users section, selecting a department card opens a detailed view displaying individual user information associated with that department. This view is essential for access governance and user auditing, providing visibility into each user’s associations, privileges, and data access. For example, selecting the Finance department card reveals detailed records of all users within that department.

Overview Tab

The Overview tab is the default landing section when accessing a user's details. It provides a summarised snapshot of key metrics and attributes associated with the user. For example, this summary highlights employment type and department information, followed by a high-level overview of the Datasources, Entities, Attributes, and Groups the user has access to.

A specific user's overview in access governance

Key Components of the Overview Tab:

  • Datasources: Number of connected systems providing user access data.

  • Entities: Count of systems or applications the user is linked to.

  • Attributes: Metadata tags (e.g., department, role) assigned to the user.

  • Groups: Number of groups the user belongs to.

  • Unresolved Alerts: Active access-related alerts needing review.

Datasources Tab

The Datasources tab within a specific users's detail view in Access Governance provides insight into the data systems or repositories to which the user has access.

Datasources Tab of a specific user

Each row represents a data source the user can access. The table includes the following details:

  • Data Source Name: Name of the specific data source accessible to the user.

  • Data Source Type: Category of the source (e.g., SharePoint, OneDrive).

  • Total Objects: Total number of data objects available to the user within the source.

  • Sensitive Objects: Number of data objects classified as sensitive.

  • Risk Density: Percentage of sensitive objects relative to total objects, indicating data sensitivity and access risk.

Entities Tab

The Entities tab within a users’ detail view provides a breakdown of all data entities the user can access. It is divided into two sections:

  • Direct Access: Lists entities that the user has explicit access to on its own, without inheritance from any other group.

  • Access via Group: Lists entities that the user can access through a parent group or higher-level group association.

Direct Access

Entities Tab of a specific user

Each row represents an entity the user can access. The table includes the following details:

  • Entity Name: The name of the entity or dataset.

  • Entity at risk: Indicates whether the entity contains sensitive or high-risk data.

  • Entity type: Identifies the type of entity (e.g., database table, API endpoint, or document repository).

  • Datasources: Lists the data sources associated with the entity.

  • Objects: Total number of objects the user can access within the entity.

  • Attributes: Total number of data attributes within the entity.

Note: For Direct Access, users can filter this information by Datasources or Risk.

Access via Groups

In the Access via Groups section, entities that a user has access to through groups can also be filtered by Datasources. Once the filters have been applied, the relevant groups will be displayed as widgets showing the group name and number of associated entities.

Attributes Tab

The Attributes tab under the Access Governance module provides a comprehensive view of the sensitive data attributes that a selected user has access to.

Direct Access

Attribute types that a user has direct access to:

Direct Access attributes count

Sensitivity Summary Cards: Shows count of attributes grouped by sensitivity:

  • High Sensitive: 7 attribute type

  • Medium Sensitive: 12 attributes type

  • Low Sensitive: 3 attribute type

Note: In this example, the user has direct access to attributes. Users can also filter this information by Sensitivity or Attribute.

Access via Groups

This section displays the attributes that a user inherits access to via any group.

Access via a group attributes

This section displays the attributes that a user inherits access to via a parent group.

Sensitivity Summary Cards: Shows inherited attribute types grouped by sensitivity:

  • High Sensitive: 0 attribute types

  • Medium Sensitive: 0 attribute types

  • Low Sensitive: 0 attribute types

In this example, the user does not have direct access to any attributes via a group.

Groups Tab

The Groups tab under the Users section provides a list of groups associated with users.

Groups to which the user belongs

Each row represents a group the user can access. The table includes the following details:

  • Groups: Name of the group the user has access to.

  • Member Count: Total number of users in the group.

  • Sensitive Objects: Number of sensitive data objects accessible to the group.

  • Total Objects: Total number of data objects available to the group.

  • Attribute Types: Number and sensitivity level of attributes accessible by the group.

  • Entities: Entities associated with or accessible by the group.

Unresolved Alerts Tab

The Unresolved Alerts tab under the Users section displays security or compliance issues related to the selected user that have not yet been addressed. These alerts help governance teams track and act on access risks in real time.

Unresolved alerts related to a user

In this example, the user has no unresolved alerts.

Activity Log Tab

The Activity Log tab under the Users section displays a historical record of user activities related to access governance. This includes user access changes, group membership updates, data access modifications, and alert resolutions. Filters are available by Data Source and Date to narrow down the log for analysis or auditing purposes. Note: Users can export the data in CSV format by clicking the Export CSV button located at the top right corner of the page.

Purpose and Utility

  • Identify Access Risks: Detects departments or groups with unusually high user counts, including unknown or misclassified users that may indicate governance gaps.

  • Support Access Reviews: Enhances visibility into user distribution, privileges, and potential exposure to sensitive data.

  • Enable Targeted Governance Actions: Provides filtering options by department, employment type, or data sensitivity, facilitating precise remediation and policy enforcement.

  • Ensure Compliance and Audit Readiness: Offers a clear, auditable trail of user access patterns, activities, and unresolved alerts, ensuring alignment with organisational access control standards.

  • Promote Proactive Risk Management: Empowers governance teams to monitor, assess, and act upon user access data dynamically, fostering continuous compliance and reducing security risks.

PreviousDashboardNextGroups

Last updated