Chat now with support
Chat with Support

Identity Manager Data Governance Edition 8.0 - User Guide

Introduction Data Governance navigation node and views Administering Data Governance Edition Managing unstructured data access
Managing resource access Managing account access Working with security permissions Working with SharePoint security permissions Account access modeling Bringing data under governance
Classifying governed resources Managing governed resources using the web portal Data Governance Edition reports Troubleshooting Appendix: EMC, NetApp Filer, and SharePoint configuration details Appendix: PowerShell commands Appendix: Governed data attestation policies Appendix: Governed data company policies Appendix: Governed data risk index functions About us

Resource's Governed Data view

A governed resource's Governed Data view appears when you click an individual resource from the Governed Data Overview. This view consists of the following tabbed pages which provides additional details about the selected resource.

Table 70: Resource's Governed Data view
Tab Description

Overview

A hyper view (graphical representation) of relations between the resource and One Identity Manager.

Master data

The resources' properties, including the ownership properties of a resource.

NOTE: Business owners who have both the Data Governance\Administrators and Data Governance\Direct Owners application roles assigned, can modify the properties of a resource.

Classification

Classification level assignment.

In addition to viewing the classification level assignment, you can assign a classification level to an owned resource.

Recent activity

The activity logged against the resource in the last seven days.

Access

The access permissions assigned to an account or group.

If the permissions are not set correctly, you can request to modify them.

Access Analysis

A graphical representation and details gathered from analyzing access based on organizational structure. This view consists of the following tabs:

  • Access analysis on <resource type>: For the selected resource, this page displays graphs showing the access rights assigned to people based on organizational structure.
  • Access analysis on backing folder permissions: For the backing folder associated with the resource, this page displays different graphs showing the access rights assigned to people based on organizational structure.
  • Access Details: This page displays a list of the people used in the access analysis of the selected resource.

The following access analysis is performed and presented:

  • Access analysis by department

    NOTE: In order for the department association to display properly, the Primary department property must be set on the Change master data | Organizational tab for an employee.
  • Access analysis by primary role title

    NOTE: In order for the primary role association to display properly, the Primary business role property must be set on the Change master data | Organizational tab for an employee.
  • Access analysis by location

    NOTE: In order for the location association to display properly, the City property associated with the location must be set. That is, set the Primary location property on the Change master data | Address tab for an employee, and the City property on the Organizations | Locations | <location> | Change master data | Address tab.
  • Access analysis by access assignment method. Valid access assignment methods are:
    • Alias
    • Deleted
    • Domain
    • Domain Group
    • Domain User
    • Invalid
    • Machine Local Group
    • Machine Local User
    • Office 365 User
    • OneDrive for Business Group
    • SharePoint Claim
    • SharePoint Group
    • SharePoint Identifying Claim
    • SharePoint Online Group
    • Special
    • Unix Group
    • Unix Owner
    • Unix Other
    • Unknown account or group
    • Unknown assignment type
    • Well Known

The data is displayed in pie charts; however, clicking the Grid view link will pop up a dialog that displays the data in a grid format.

Clicking a segment in a pie chart or the View People button in the grid view displays a list of the people associated with the selected item.

Reports

A list of Data Governance Edition reports that can be generated for the resource.

Folders

For shares, the folders contained within the selected share. This view consists of the following tabs:

  • Folders with blocked security inheritance
  • Folders with deviated security indexes
  • All folders, which contains a list of the governed folders which are contained within the selected share.

Clicking a folder from one of these views displays additional details about the selected folder.

Risk

Risk analysis for a resource including the properties and assignments that contribute to the calculated risk index.

Attestation

The attestation cases found for the object.

Usage

A list of employees who have accessed or may access the resource.

Auditing - Managed Hosts view

The Auditing - Managed Hosts view displays a list of managed hosts or the governed data for a given managed host. As an auditor, select Responsibilities | Auditing | Governed data to display this view in the web portal.

The view displays the following information for all manged hosts in your Data Governance Edition deployment:

  • Display value
  • Host type
  • Count of governed resources
  • Count of points of interest

Clicking a managed host (Display value) or the Show governed data button in the Action column displays the Auditing - Governed data view, which includes the following additional details:

  • Path
  • Governed data type
  • Risk index (calculated)

Clicking a governed resource (Path) from this view displays the resource's governed data view. For more information, see Resource's Governed Data view.

Clicking the View Content button in the Action column displays the governed data for the selected managed host.

Data Governance Administrator responsibilities

Data Governance Administrators will see an additional Governance Administration submenu under the Compliance and Responsibilities menus in the web portal.

From the Responsibilities | Governance Administration view, Data Governance Administrators can:

In addition, if you are a business owner of governed data (with the Data Governance\Direct Owners application role), you can use the Governed Data menu item to perform these additional business owner tasks:

See Business owner responsibilities for the tasks all business owners can perform using the web portal.

Reviewing resource statistics and details

Use the Governed data overview view to review statistics and details about the governed resources in your Data Governance Edition deployment.

To review resource statistics and details

  1. From the menu bar, select Responsibilities | Governance Administration.
  2. On the Governance Administration view, select the Governed Data Overview tile.

    The Governed data overview view appears which consists of four tabbed pages.

  3. Open the Statistics tab to display a graphical overview of all governed resources. The Statistics available include:

    • Top 10 active resources across all governed resources
    • Total number of explicit security deviations
    • Total number of items with blocked security inheritance
  4. Open the Resource overview tab to display all governed resources, grouped by resource type.
  5. Open the Resources with activity tab to display a list of resources with recent activity.
  6. Open the All resources tab to review a list of all the governed resources.
  7. Clicking a resource from any of these views displays the Governed Data view for that resource, which contains additional details about the selected resource.

Related Documents