Access Review Reports

What is a one sentence summary of your feature request?

Implement Access Review Reports

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

Each year, we have a company-wide access review for those that have Portable Storage Device Access, to ensure that this is still required.

For those that declare (via submission of an internal form, or lack of submission) that this is no longer required, we remove all access to Portable Storage Devices, in an attempt to limit the number of employees that have access, to close potential data exfiltration methods. This also covers employees that leave the company.

For a company of our size (1000+ Employees), it would be incredibly useful to have a report to automate this, and I’m sure other customers could make use of this as well, allowing for easier reviews to prevent over-exposure and increasing the overall security at each company.

How do you currently solve the challenges you have by not having this feature?

Without the automation, we export a list of all users from the console and manually check against each user account, which is very time-consuming (as I am sure you can imagine). Last year, we spent 20+ hours performing this task, and would love an opportunity to increase our effectiveness.

With this being widely available to all customers, it may provide a great opportunity for other customers to perform regular access reviews.

Brilliant idea, welcome Conor! Additionally, having the capability to automatically remove or disable user access after a specified period of inactivity (for instance, 3 months) would be very beneficial.

Thanks Sam, welcome to you as well, I can see you’re also new!

That definitely could also be an interesting way to clamp down on data exfiltration. I would definitely look at implementing that within my company if it were introduced!

Perhaps as a Global Setting to apply to all users as default? It could save me a lot of manual time.

Hi Sam and Conor,

Thank you for reaching out to us. I understand there was a bit of confusion, but we do offer an existing feature that might partially meet your needs. Our Effective Report feature allows you to list Device Types and user rights, making it easier to view machines/users for a specific query. While this report can’t be scheduled at the moment, it eliminates the need to manually check each user or computer to verify rights.


Please note that we currently have no plans to change the existing effective rights reporting feature in the near future. However, should there be any reconsideration of our reporting plans, we will certainly take your suggestions into account.

Thank you for your understanding and feedback!

Best regards,
Krzysiek

Hi @krzysztof.staszalek, thanks for the recommendations. I have just given this a go, but unfortunately this does not cover all employees; it currently provides us with 110 users when selecting “Read-Only”. Please let me know if I have done something wrong in the image attached (note we generally only give read-only or allow all access).

When changing the “Right” field to Allow Access (to cover users with full read-write access), this just shows the user’s applied settings, which are a carbon copy of global settings for our environment (attached image).

Any further suggestions would be welcome, as Support recommended raising this as a new feature.

Many Thanks,
Conor


Hi Conor,

Thank you for testing my suggestion. While I can’t predict the exact figures from the export you conducted, it seems you might have expected more comprehensive results. To effectively interpret rights reports, it’s crucial to understand the correlation between them and the rights priorities configured for Endpoint Right Functionality (see screenshot below).


To better grasp these priorities, please refer to this user manual chapter: Global Rights. For instance, if you’ve set the priority for Computers, the user rights report might be incomplete depending on the computer rights configuration. Conversely, prioritizing user rights could blur the computer report.

Please review this, and if you still believe the report lacks details, describe the issue in a support ticket and submit it via the support portal. Be sure to include exact reproduction steps, showing your “Endpoint Right Functionality” settings, the expected results (at least as an assumption), the actual results, and an overview of the number of computers/users behind your appliance. Additionally, please provide your EPP Server version, Ubuntu image, and any other relevant information to aid in replicating and investigating your use case.

Best regards,
Krzysiek