Access Management for File Servers with tenfoldBettina Wutzlhofer2020-02-21T16:39:32+01:00
File Server Access Rights
There are two reasons why managing access rights on Microsoft® File Servers is a tedious task: For one thing, the given standard tools provide only very rudimentary reporting functions. Secondly, organizing those access rights is just a highly complicated undertaking that requires a lot of time and a lot of clicks.
Most admins will know this pain: You want to generate a report that shows who has access to one or more specific folders and, in doing so, you realize, yet again, that the tools you’re working with are less than sufficient for the task. The display options are primitive and there is no efficient way of visualizing folder access rights across several nesting levels.
Luckily, there is a remedy for this pain and it is called tenfold. tenfold features a cozy, explorer-style interface in which users (admins, folder owners) can select the desired folder on the file server. tenfold then presents the set groups and users for each permission in a clear and well-structured manner. By representing the effective access rights (including inheritances and nested groups), users can easily monitor any access rights to their folders. tenfold also makes it possible to determine the areas to which users and groups have effective access rights. To optimize these processes further, tenfold sends out periodic automated PDF evaluations by e-mail.
Managing access rights on file servers using the provided standard tools can be very difficult. The trickiest part is sticking to Microsoft®’s best practices (AGDLP principle) because each step requires you to create and set the relevant access right groups manually. This is not only time-consuming, but also increases the potential for errors immensely. tenfold, on the other hand, creates all necessary groups and structures automatically. Which means: no more repetitive and tedious manual efforts. No more stress. Just some dragging and some dropping. The rest is automated.
Self-Service & Workflows
As opposed to tenfold, the standard Windows tools do not support workflows for assigning access rights, even though most companies would definitely benefit from having this resource. Compliance regulations demand that data owners (i.e. persons who are responsible for certain folders or data) must grant permission before an access right can be assigned. The regulations further stipulate that this process of approving and assigning permissions must be well documented, in case there are questions about when, why or by whom an access right was granted later on. tenfold uses approval workflows to cover these complicated processes and, in doing so, allows data owners, supervisors and IT departments to always be fully integrated into all steps involved. It uses automated emails to inform data owners about approval requests or any other actions that may be required.
Automatic Problem-Solving Skills
tenfold’s Problem Dashboard informs administrators automatically about any problems concerning the Active Directory® and file servers. Problems may include: detection of orphaned SIDs, circular references in group assignments, interrupted inheritance or full access to non-administrators. The so-called “solution assistants” will find the appropriate solution for each problem and resolve it immediately.
Report: Who has access to what folders and subfolders? (Many customizable settings)
Report: Where do users have effective access? (Including direct user permissions and group permissions, even if groups are nested)
Data history stored in tenfold database
Administrative function which allows you to view and edit permissions live. Administrators can be assigned the necessary permissions individually for each file server
Enable folders for self-service: you can make all folders down to a certain defined level available for request or just make individual folders available, regardless of their level within a folder structure
Determine data owners and configure workflows for approval of permission requests
Standard functions, like creating and deleting folders or changing folder names
Group structures in accordance with AGDLP, AGGP or AUUP models are created and maintained automatically
Necessary list groups are generated automatically to enable browsing function for users
Service account with full access to file servers intended for integration
Note: File servers based on Novell or UNIX/Linux systems (ext4, xfs, etc.) are not supported.
Report: User access rights
Fileserver Access Rights – Administration made simple
Request a free trial
It has never been easier to manage and keep track of your users and their access rights in one centralized software. Administrators, managers and your company as a whole will benefit from tenfold, as it provides a transparent overview of all access rights. tenfold can help you comply with standards, like ISO 27000, BSI, etc., and offers worthwhile functions for managing users and access rights.