Unstructured data can be substantial across an enterprise, so it is important to understand who is responsible for managing that data. This is paramount for data that has been identified as important or sensitive and placed under governance.
Historical resource activity or security information is used to determine the perceived owner and provide guidance on who should be assigned as the business owner for a particular resource. For more information, see Managing business ownership for a resource.
Compliance officers and administrators can run this report against the entire enterprise. The report helps to identify whether data ownership is applied properly. This is a useful report to run when you are first bringing resources under governance to understand the resource activity patterns and starting a data stewardship process.
Use the following parameter to define the contents of the report.
Parameter | Description |
---|---|
Exclude Resources with Owner | Select this check box to exclude resources that already have an owner assigned from the report. |
Having a clear picture of who can access data within your organization is key in maintaining data governance. This report displays an account’s resource access across all managed hosts within the enterprise and a detailed view of account group membership.
Managers can run this report for any account they manage; Compliance officers and administrators can run it for any account within the enterprise. This report helps to ensure that access has been properly assigned so that employees can perform their day to day duties. The report also identifies how accounts have attained that access and whether the level of access is appropriate.
|
Note: This report is not available for NFS managed hosts. |
Use the following report parameters to define the content of the Account access report.
Parameter | Description | ||
---|---|---|---|
Hosts |
Specify the managed hosts to be included in the report:
When the Specific hosts option is selected, select the individual hosts to be included. | ||
Excluded Accounts | Optionally select the users, groups or built-in security principals to be excluded from the report. | ||
Expand Groups | Specify whether you want to include group members in the report. That is, select the Expand Groups check box if you want to include access granted through group membership in the report. | ||
Resource Types |
Select the resource types to be included in the report. By default, all resource types are included.
| ||
Excluded File Types |
Optionally specify the file extensions for the types of files to be excluded from the report. Use the buttons on this page to add and remove file extensions from the exclusion list:
| ||
Excluded Folder Names |
Optionally specify the names of folders to be excluded from the report. Use the buttons on this page to add and remove folders from the exclusion list:
| ||
Data Under Governance Only | Specify whether to include only resources that are under governance in the report. That is, select the Data Under Governance Only check box to include only governed resources in the report. |
The Account access (employee) report details an employee's direct and indirect access (through group memberships) to file system or SharePoint resources on the managed hosts. This report returns account access information for all of that Employee's associated identities, eliminating the need to rerun the current Account Access report for each individual identity.
|
Note: This report is not available for NFS managed hosts. |
Use the following report parameters to define the content of the Account access (employee) report.
Parameter | Description | ||
---|---|---|---|
Managed hosts | Select the managed hosts to be included in the report. | ||
Excluded accounts | Optionally select the users, groups or built-in security principals to be excluded from the report. | ||
Expand Groups | Specify whether you want to include group members in the report. That is, select the Expand Groups check box if you want to include access granted through group membership in the report. | ||
Resource types |
Select the resource types to be included in the report. By default, no resource types are included. Resource types that can be included are:
| ||
Excluded Extensions | Optionally specify the names of folders to be excluded from the report. Use the buttons to the right of this field to add and remove extensions from the exclusion list. | ||
Excluded Folders |
Optionally specify the names of folders to be excluded from the report. Use the buttons to the right of this field to add and remove folders from the exclusion list.
| ||
Data Under Governance | Specify whether to include only resources that are under governance in the report. That is, select the Data Under Governance check box to include only governed resources in the report. |
This report identifies the accounts that have access to specific resources within your environment. This can help you meet your compliance and audit goals by ensuring only authorized users can access the specific resources.
|
Note: The resource browser and resource access reports do not display the limited access users or "previewer" accounts for resources on Cloud managed hosts. |
When you run the report, you can select specific resources and isolate specific types of permission, such as modify, full control, read, and execute. The report includes subfolders and files of the identified resources if the security differs from the parent (for example, if inheritance is overridden or blocked).
Business owners can run this report on resources they own; Compliance officers and administrators can run this report for all resources within the enterprise.
This report helps to identify data with several access points that should be monitored and potentially governed. Content that is available to “Everyone” or “All Sales” for example, can pose a high risk of having a sensitive file placed within it either in error or with malicious intent.
Use the following report parameters to define the content of the Resource access report.
Parameter | Description | ||||
---|---|---|---|---|---|
Display Options |
Specify whether you want to include child resources or access granted through group membership in the report.
|
© 2023 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy