Chat with us, powered by LiveChat

Blog

Back

New Feature for Radar Reporting – Enhanced Role-Based Access Control (RBAC)

26 Sep 2017 by Doug Davis

Getting the balance between making your data available to those who need it, and protecting it from those who don’t, is very important – but can also be extremely difficult to get right. 

Role Based Access Control is a security method for user access management. The system enables you to set certain individuals or sets of users access to specific areas of a platform, application or system, but not others. For example, your HR or Finance department need to see certain reports or data from your IT system. You wouldn’t want them to have free reign of the tool, or be able to make changes to settings or configurations within it. Equally, you also wouldn’t want staff from the HR or Finance asking you to generate this data for them every week or month, if you could avoid it. The ideal solution is that they can get to the information they need (with minimal Admin involvement) and nothing else.

Radar Reports has had RBAC functionality for a while now, enabling you to turn certain reports off and on. Our latest feature enhancement brings significant additions to these capabilities, and our new RBAC controls allow for a much more robust and clear definition of data boundaries within the tool. You can apply RBAC at user level, and get fine-grained management over data access.

Creating a New Policy
Before you can apply filters to individual users, you must first create the policy that you can then add the user to. First, navigate to the User Management page in the left navigation menu, then click the ‘Add New Policy’ button in the Policies section.

Screen shot showing where to add a new policy in Radar.

Enter the policy’s name and description into the window that pops up, and then select ‘Add Policy’.

Modifying a Policy
Now that you have created a policy, you can click the ‘Modify’ icon next to its name, and begin adding users and applying filters. The Modify Policy section is split into four different parts, you can navigate it by using the tabs at the top of the page.

Policy Details and Preview Mode

This section allows you to edit the name and description of the policy, and preview it – so you can see how the reports would look as a member of this policy.

To preview the policy, click the ‘Preview Policy’ button in this section. The reports will reload to the main page, and a message will appear at the top of the page informing you that you are in preview mode.

Screen shot showing that you're in preview mode in Radar reporting.

You can then navigate around the reports as a member of this policy, with all of the same filters and access levels applied to this policy. It is important that you preview a policy before assigning users to it, to ensure that all filters and access rights have been applied correctly.

Members

Use this section to add and remove users from a policy. Please note that only users can be applied to a policy (admins continue to have full access of the reports), and that a user can only be a member of one policy at a time.

Screen shot showing how and where to add and remove members from a policy.

Report Access

Use this section to disable any reports that you would not like to be available to the users of this policy. Please note that not all reports can be filtered – this includes some tenant-level reports, as well as (for the time being) Radar for Security & Audit and Radar for SharePoint Online reports. As a result, you may wish to disable these reports – you can do so by selecting the link in the description at the top of the page, however it is still important that you fully test a policy via the Preview Mode mentioned above to ensure that you are satisfied with the level of access.

Screen shot showing report access controls within Radar Reporting.

Report Filters

This section allows you to modify the filters applied to the policy. These filters are based on the Azure Active Directory attributes within your Office 365 environment.

Screen shot showing report filters in Radar Reporting.

Using the Reports as a Member of a Policy
Users who are members of a policy will see a padlock icon at the top of their screen to inform them that their reports are being limited.

Screen shot showing where to look out for new features within Radar.

Behavior of Scheduled Reports
A report scheduled by a member of a policy will be emailed to its recipients with the policy’s filters in place.

Save time whilst keeping your Office 365 environment safe by configuring, testing and implementing RBAC controls in Radar Reporting. Want to try our new enhanced RBAC features for yourself? If you’re an existing customer, simply log in here.

If you’re new to Radar Reporting, and want to see what our advanced Office 365 reporting and analytics can do, why not sign up for a free 14-day trial?

 

Doug Davis is the Product Owner of the Radar tools at Quadrotech. Doug's career in Product Management spans over 20 years. During this time, he has managed products around the Microsoft technology stack for Quest Software, Dell Software and Cogmotive, as well as a stint in Big Data with Assent Compliance. Based out of Ottawa, Canada Doug is a graduate of Carleton University and an avid cyclist.