Documentation | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuring Authorization > Defining administrators > Editing administrators
Editing administrators
Administrator Help | Forcepoint DLP | Version 8.7.x
Related topics:
*
Defining administrators
*
Select Incidents
*
Select Policies
*
Select Business Units
*
Working with roles
*
Adding a new role
Administrator user names and email addresses are defined under Global Settings, and cannot be changed in the Data Security module of the Security Manager.
Administrator roles and access permissions, however, are configured in the Data Security module.
To edit administrator permissions:
1.
Go to the Settings > Authorization > Administrators page in the Data Security module of the Security Manager.
2.
Select the user name for the administrator whose profile you want to edit. Note that changes to administrator profiles are recorded in the audit log.
3.
Select a role for this administrator from the drop-down list (see Working with roles), or click New to create a new role.
Click View Permissions to view the permission settings for the selected role.
4.
Under Incident Management, indicate which incidents this administrator should be able to manage. By default, the administrator can manage all incidents from all policies and business units. Click the links to modify these settings. See:
*
Select Incidents
*
Select Policies
*
Select Business Units
5.
To add a record to the audit log each time this administrator views incident details in the Incidents report, select Audit incident detail views.
The audit log (Main > Logs > Audit Log) is updated when the administrator clicks (and highlights) an incident in the report, and details are displayed in the Preview pane (triggered values, properties, forensics, and history). The log is also updated when the administrator double-clicks an incident and opens its details in a new browser window.
If this administrator is assigned a role with permission to "perform operations on incidents," then records are also added to the audit log when the administrator emails incidents to a manager or other recipient, or when the administrator exports incidents to a CSV or PDF file.
This option does not add a record when the administrator views the incident summary information that is displayed when he or she runs a report.
By default, administrators are not audited when they view incident details.
 
* 
Note 
If local administrators are also defined as members of a user directory group, the permissions you assign here supersede those of the group.
6.
Click OK.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuring Authorization > Defining administrators > Editing administrators
Copyright 2020 Forcepoint. All rights reserved.