8MAN VERSION 9.0 - NEW FEATURES AND BENEFITS
8MAN Enterprise: User Provisioning
Feature: Department Profiles
8MAN sets new standards in the field of user provisioning by introducing standard user profiles and compliance checks:
- Department managers, together with the management and the compliance officer, define the scope of each groups membership and the attributes that will be filled out for each profile
- Once the user profiles have been created, de-facto standards are set. When a user account is created, it is assigned a profile specific to its department. This will grant the account only the necessary access rights.
- If the employee changes the department, the new manager can simply apply his department profile to the appropriate user account.
- If the employee receives further authorizations that deviate from the standard profile, a compliance monitor displays the deviating rights to the manager for further action
- In the form of bulk operations, the department manager can update the user accounts according to the profiles in his department. This is especially important when the user profile has been updated.
Feature: User cockpits
Cockpits are dashboards that allow Administrators, Managers or Help Desk Employees to manage user profiles, perform basic admin tasks and request access rights and other actions. These cockpits greatly increase efficiency when handling access rights management and individual user accounts.
- Administrator Cockpit: Numerous administrative functions, including many bulk operations, are now available in the web client.
- Manager Cockpit: Access Rights Management is not just an issue for administrators. To efficiently secure resources in the network, security expertise and responsibility must be decentralized. Who can access which resources is top priority. With the help of a simple overview, every executive or manager can recertify access to their resources, manage their direct employees and contribute to the overall security of the network in a controlled and defined manner.
- Help Desk Cockpit: Access Rights Management runs efficiently when standard operations can be delegated. Help desk employees can now complete simple tasks and follow easy processes (such as resetting passwords or creating new accounts) via our own order portal or by using a ticketing system.
Result: the administrator is relieved and can take care of infrastructure projects.
8MATE FS Logga
Feature: Set alarms for notification of alerts
Alerts are now available for file server events. Customers must have the FS Logga installed and configured for Alerts to function. The following events can trigger an alert:
- File read
- File written
- Directory created
- File created
- Directory moved/renamed
- File moved/renamed
- Directory deleted
- File deleted
- Permission (ACL) changed
You can now define thresholds based on the frequency of the events as well as time intervals. Service accounts, administrator accounts and special directories can be excluded via a blacklist from the alert function.
Automatically run a script after an alert. If a file server or Active Directory alert is triggered, 8MAN can now execute a script. This is, for example, relevant in the following scenario:
A user account is added to the monitored administrator group. An alert is triggered immediately, and the linked script immediately removes the user account from the group. This means that the group is permanently protected from manipulation.
8MATE Exchange Logga
Feature: Track changes and deletions in mailbox accounts
Microsoft Exchange is used to centrally store and manage e-mails, appointments, contacts, and tasks. As a central solution for enterprise-wide collaboration, not only the question of access rights is relevant, but also a monitoring
of the actual activities carried out.
The 8MATE Exchange Logga logs activities of selected mailbox owners, their deputies, and administrators.
The following actions are particularly critical to safety:
- Hard Delete: Who deleted emails, contacts, or calendar entries from the Exchange server?
- MessageBind: Has an employee from the IT department looked into my e-mails?
- SendAs: Who sent e-mails in my name?
- SendOnBehalf: Who sent e-mails on my behalf?
- SoftDelete: Who (except me) has deleted e-mails from my mailbox?