Access management overview

  • Updated

Panaseer's Access Management allows you to control user access, ensuring they can only interact with Dashboards and features appropriate for their role.

Panaseer integrates seamlessly with your organization's single sign-on (SSO) system, enabling administrators to grant access through existing LDAP groups and processes. These groups are mapped to Panaseer roles and permissions by administrative users, allowing users to perform tasks such as accessing specific dashboards, creating dashboards, using Remediation Objectives, or pushing tickets into their ITSM system.

Groups, Roles, and Users

In Panaseer, users are assigned permissions using groups, roles, and users. 

  • Group: Groups are a way of collecting users that share permissions. Users are added to a group and receives the permissions associated with the group. For example, you could have an Admin group.
  • Roles: A role is just a particular configuration of permissions for things in Panaseer. The group gets its permissions by being assigned one or more roles.
  • User: A user is a single person, normally identified by an email address.

What distinguishes roles is that each one is tailored to grant access to a particular set of elements such as dashboards, features, or data.

A role is like a restaurant menu – each one contains the full list, but you only select certain items.

For example, you may have a role to view only certain dashboards, which means those dashboards have access granted in the permissions list in the role.

The diagram below illustrates the relationships between the three classifications.

 

access-cats.jpg

 

A user can be assigned to more than one group, and a role can be assigned to more than one group.

Put simply, the group is the collection of users, and the roles are the keys that unlock parts of Panaseer. Putting those keys into a group, and the users in the group, means they have access to those parts.

Jill, an Info Sec Manager, may be in a group named Security. This group has a wide remit and may include most key roles such as Dashboard Management, Cyber Controls Scorecard, Entity Configurer, etc. If you were to inspect the Dashboard Management role, you’d see that only the Dashboard Management item under Administrative permissions has permissions granted.

Accessing Access Management

Users with the permission 'User & Authorization Management' (typically reserved for administrative users) can view the Access Management settings in Panaseer from the Settings menu on the left-hand menu bar. 

Screenshot 2023-07-21 at 14.33.56.png

Within the Access Management view there four tabs, find out more about each tab below.

Users

On the Users tab you can see a list of users who have access to Panaseer together with their Groups.

Screenshot 2023-07-21 at 14.14.02.png

Groups

On the Groups tab you can see a list of all the Groups ingested via SSO with the Roles mapped to those Groups.

Screenshot 2023-07-21 at 14.44.08.png

Roles

On the Roles tab you can see a list of Roles.Screenshot 2023-07-21 at 14.44.22.png

Permissions

On the Permissions tab you can see a full list of all Permissions.

Screenshot 2023-07-21 at 14.44.37.png

A description of each Permission is available via the tooltip.

Screenshot 2023-07-21 at 14.49.36.png

Users inherit their Panaseer Groups through LDAP via SSO. To learn more about configuring Groups, Roles, and Permissions, please read Users and Groups and Configuring Roles and Permissions

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.