DLP Built in Administrator account to have limited functionality?
search cancel

DLP Built in Administrator account to have limited functionality?

book

Article ID: 251651

calendar_today

Updated On:

Products

Data Loss Prevention Enterprise Suite

Issue/Introduction

We need some clarifications about Default administrator.

1. Is it possible to view the incidents only? Without being able to view the information for the content of the message or the attachment? Something like the following:

2. Is there any option for password splitting? Having 2 persons with the 1/2 of the administrator password?

Environment

Release : 15.8 MP3

Component : Default-Sym

Cause

Specific Requirement in details

1. I want to change the Built in Administrator account to have limited functionality regarding the access to the incidents i.e. viewing only the incidents and not the details of the same. Is this applicable ?

2. I want to have 2 users, each one holding the half of the whole password of the default built in administrator account. The one user must have the first (left) part and the other must have the second (right) part of the password. Is there any procedure for this?

Resolution

Please find some clarifications on the questions asked i.e. 

1. I want to change the Built in Administrator account to have limited functionality regarding the access to the incidents i.e. viewing only the incidents and not the details of the same. Is this applicable ?

Ans: Nope, not possible, the thing is that the built-in Administrator is not assigned to a role. It's just the built-in Admin with default full access to everything

2. I want to have 2 users, each one holding the half of the whole password of the default built in administrator account. The one user must have the first (left) part and the other must have the second (right) part of the password. Is there any procedure for this?

Ans: The answer to this indeed isn't achievable via DLP - but definitely achievable outside, i.e.

For example if you have two users and they have to meet in person to log in as the built-in Administrator

One person types in the first half of the password, the second person types in the second half, and then they click Login and you're in to the system.

Additional Information

Note: Password authentication itself in DLP is really simple - one user, one password.

However, that's something completely outside DLP's configuration.

Powered by Wolken Software