⚠ This is a deprecated Module. Check the module deprecation article for more information.

Shared information

Prev Next
Attention

From the Segura® 3.26 version, you have a new password manager product called MySafe. You can quickly and easily add and share passwords, files, and notes with other users. Learn more about MySafe.

The Protected Information will only receive updates for bug fixes that may have security issues.

In addition, users will only be able to add shared information. They will not have the option to add personal information. If you need to add personal information, use the MySafe product.

We recommend that you migrate your passwords, files, and notes to the MySafe product to ensure access to new features and improvements.

Access path

Access policies for Protected Information can be added in two ways:

Navigating to Protected Information > Access control > Access policies

Or, by clicking Add new > Access Policy in the top menu of the Segura® platform.

Both paths lead to the policy creation form, which is divided into the following tabs: General, Settings, Users, Approvers, Access limitation, and Review.

Register a new access policies

When clicking on the option to create a new access policy, the Add access policy screen will open , it's necessary to fill up the following fields and options:

  • Access policies name: name of the access group that matches the rules that this group applies. This makes easier understanding and auditing.

    • Description: a brief description of the access group.
    • Status: whether the group is active or not. Disabling a group can reduce the amount of information the user has access to or reduce the level of security required to access the information.
    • Administrators: Allows assigning users with administrative permission over this policy.
  • Settings: protected information settings

    • User can view the protected information: flag if the user can see the protected information.
    • It requires justification to view the protected information: flag whether it is necessary to register a justification to see the protected information.
    • It requires approval to view the protected information: flag whether another user will need to act as an approver to see the protected information. Once active, you also need to set for how long this approval will be valid.
    • Approvals required for viewing: number of approvals needed to approve the operation.
  • Users: associate users to the access group that will have the role of operators.

  • Approvers: associate users that will have the role of approvers of the operations regarding the use of the information.

    • Governance ID required when justifying?: when enabled, requires the requester to provide a governance code when justifying their request.
    • Always add user manager to approvers?: when enabled, automatically adds the user’s manager as one of the policy approvers.
  • Access limitation: you can restrict the group's access to the protected information by days of the week, time of the day, and period (start and end date).

Register shared information

Like personal information, shared information has the same protected attributes and expiration information.

Its difference lies in the fact that the information holder configures which access groups will have access to information without knowing the participants of these groups.

Info

In shared information, you cannot determine other users with edit power. All users with access will only be allowed to view the secret.

Once the information is registered, the secret holder can view the information and observe which users have access to the secret.