Additional Management Options
The following additional management options are available.
Anonymize Users
Due to legal regulations, it may be necessary to anonymize users. Anonymization means that the user is replaced in the organizational context in all shortcuts by a special user provided for anonymization. An example of such a shortcut is the user stored in the Created by field of any object.
Anonymization also includes saved versions and audit log entries. Closed documents and documents with a retention period are, however, excluded from anonymization.
Terminating a Membership
When you terminate the membership of a user you are managing, you can choose whether to deactivate the user. Upon deactivation, all personal data except first name, surname and e-mail address will be irrevocably deleted.
Anonymization by a Compliance Manager
The compliance managers are defined via the organizational roles. When a user's membership is terminated, compliance managers are notified by e-mail. The compliance managers can immediately anonymize the user, identify all links to the user or define a reminder for a specific point in time. Since anonymization or identification of the links takes some time, the compliance managers are informed of the outcome by e-mail.
Once the links have been determined, compliance managers can view the links if they have access rights or inform the affected Teamroom administrators to review the links. The “Review” button can be used to mark the Teamrooms as reviewed. Thereby, the Teamroom administrators must define whether they believe that the links can be made anonymous. After all opinions have been collected, the compliance manager can anonymize the user if applicable (“Anonymize User” button).
The anonymization use cases can be carried out at any time for users who are no longer members of the organization using the “Anonymize User” context menu command. The context menu command can also be executed on the organization, in particular to anonymize users who, for example, worked in Teamrooms in the context of the organization but were never members.
Deletion Request by a User
If Fabasoft receives a deletion request from a user, the compliance managers of the organizations concerned are informed about the deletion request and asked anonymize the user.
Deleting the User
Once a user has been completely anonymized in all affected organizations, it is automatically deleted.
Dissolve All Teamrooms
Caution |
|---|
Before executing this use case make sure that you no longer need your data. This step cannot be undone. |
As owner or co-owner, you have the option to dissolve all Teamrooms (including app rooms and app configurations) of your organization and irrevocably delete the contained data. In addition, all objects of the organization with the security context “ACL for Objects Without a Teamroom” are deleted.
To perform this use case, you can utilize the “Advanced” > “Dissolve All Teamrooms” context menu command on your organization.
Deactivate and Reset Organization
Caution |
|---|
Before executing this use case make sure that you no longer need your data. This step cannot be undone. |
As owner or co-owner, you have the option to deactivate and reset your organization. Thereby all memberships are terminated, all teams, organizational units and external organizations are deleted and all settings are reset. Users who are not members or external members of any other organization are deactivated (this also applies to the owner).
To perform this use case, you can utilize the “Advanced” > “Deactivate and Reset Organization” context menu command on your organization.
Note: To delete all your data, first dissolve all Teamrooms in all data locations.
Show New Events
To ensure traceability in organizational management, the corresponding changes are logged (for example, member added or organizational role assigned). To view the events, navigate to your organization and click the “Show New Events” action.
Via the time travel you can access the versions, which were created due to the changes.
Show Teamroom Usage
You can get a detailed overview of the users in your organization Teamrooms. The evaluation can be restricted to members of a team, organizational unit, external organization or to a single (external) member.
- Navigate to the desired organizational element or (external) member.
- Execute the “Show Teamroom Usage” context menu command.
Note:
- When you execute the context menu command on an organizational element, you first receive an overview of the Teamrooms in which the organizational element has been authorized. The “Show Teamroom Usage for Members” button takes you to the overview of the members of the organizational element.
- Via the “Show Details” context menu command, you get more information about the respective user (e.g. solutions and apps of the user). As owner/co-owner, you can additionally see the Teamrooms of the organization in which the user has access rights. You can download the data as a CSV file.
Permanent Login
With the help of a device binding, a user can remain permanently logged in (see also chapter ““Authentication” tab”). You can use the “Devices” action of an organization member to log out a permanently logged in device.
Define Data Protection Settings
To define data protection settings for your organization, perform the following steps:
- Navigate to your organization.
- In the context menu of the organization, click “Properties”.
- Switch to the “Data Protection” tab.
- Enter your data.
- First Name and Surname
Defines the name of the person to be notified if personal data protection is violated. - Notification Address
Specifies the postal address or e-mail address for the notification. - URL for Data Protection Information
The specified link to your data protection information is displayed in the registration form.
- First Name and Surname
- Click “Next”.
Define Trusted Networks
Trusted networks are used, for example, in the validation of cookie-based user sessions. During the authentication process, a cookie is issued to identify the user session. This cookie is linked to the user's current device for security reasons. The device is identified by the IPv4 address of the network connection. The user session becomes invalid when the IPv4 address changes. In rare cases it may happen that the IPv4 address changes even though the device remains the same (e.g. if several proxies are involved or the IPv4 address of the device is reassigned). In this case, the user session also becomes invalid and the user must log on again.
However, by defining secure address ranges, a user session remains valid even if the IPv4 address has changed, provided that the new IPv4 address is within the configured range.
To define trusted networks for the organization, perform the following steps:
- In your organization’s dashboard, click Advanced Settings.
- Click the Define Policies” action.
- Switch to the “Authentication” tab.
- In the Trusted Networks field, enter your IPv4 addresses or address ranges.
- Click “Next”.
Note: For external organizations, trusted networks can be specified on the “Advanced Settings” tab.
Define a Branding for the Organization
The branding allows you to create personalized Teamrooms. If a branding is defined for an organization, Teamrooms are initialized with this branding. The branding is available if the “Branding” tool is activated.
To create a branding for your organization, perform the following steps:
- Navigate in your organization.
- Open the “Branding” tool.
- Activate the branding if necessary.
- Click “Edit” below the text.
- Define a logo, a title and a short description.
Note: You can format the description via the displayed HTML editor. - Click “Save”
Note: Users with full control in a Teamroom can use the “Branding” tool to define a logo, a title and a short formatted description for the respective Teamroom.
E-Mail Communication
For an overview of all e-mails sent in the course of organizational use cases (invitations, exclusion, etc.), the corresponding e-mails are displayed in the properties of the organization on the “E-Mail Communication” tab.
Define the Default Data Location
In order that all your organization members work by default in the same default data location, you can define this setting in the policies of your organization on the “Basic Settings” tab in the Default Data Location field. To assign a different default data location to individual members, you can set the default data location in the properties of the corresponding user on the “Basic Settings” tab in the Default Data Location field.
Checking Files for Malware
The Fabasoft Cloud has an automated malware scanning service with which the stored files are scanned for malware at regular intervals. In the event of a detected infection, this service provides the unique Fabasoft Cloud ID, the creator and the owning cloud organization of the file. The Teamroom administrators are informed by e-mail. The e-mail also contains links to the infected files.
It is up to the Teamroom administrators how the infected files are to be handled. Fabasoft cannot perform any cleanup because Fabasoft does not have access to the files.
If the administrator of the cloud organization has no access to the file, he can contact either the creator of the file or an owner of his cloud organization to have the file cleaned. We suggest to download, scan and disinfect this file with your own virus scanning software. The clean file can then be uploaded again. Alternatively, authorized users can delete the infected file in the Fabasoft Cloud.
Be aware of the risks of downloading infected files to your computer.
The malware scanning service runs regularly:
- The files uploaded in the last 31 days are checked weekly.
- All files are checked monthly.