Wiki source code of Portal Security - Basic
Last modified by Erik Bakker on 2023/01/24 15:24
Show last authors
| author | version | line-number | content |
|---|---|---|---|
| 1 | {{container}}{{container layoutStyle="columns"}}((( | ||
| 2 | Securing your solution and your data is a shared responsibility between eMagiz and you. | ||
| 3 | |||
| 4 | In this microlearning, we will educate you on the basics of the security of the eMagiz Portal. | ||
| 5 | |||
| 6 | == 1. Prerequisites == | ||
| 7 | |||
| 8 | * Basic knowledge of the eMagiz platform | ||
| 9 | |||
| 10 | == 2. Key concepts == | ||
| 11 | |||
| 12 | This microlearning centers around eMagiz portal security. | ||
| 13 | With portal security we mean: Ensuring that your model is not accessible for those who have no right to access your model. | ||
| 14 | |||
| 15 | The portal security consists of multiple parts: | ||
| 16 | |||
| 17 | * User access to Portal | ||
| 18 | * User access to Integration Models | ||
| 19 | * User authorizations to Integration Models | ||
| 20 | * Partner user access to Client environments | ||
| 21 | * Password Policy & Validity | ||
| 22 | |||
| 23 | For each aspect, it is good to know how the security is set up by eMagiz. | ||
| 24 | |||
| 25 | == 3. Portal Security - Basic == | ||
| 26 | |||
| 27 | Securing the portal is done in various ways. | ||
| 28 | In this microlearning, the focus will be on user access to the portal, to models, and how to determine that a user has exactly the rights he/she needs to execute their job. | ||
| 29 | We will discuss each of these aspects below one by one. | ||
| 30 | |||
| 31 | === 3.1 User access to the portal === | ||
| 32 | |||
| 33 | Users can be added with their email address by the eMagiz Partner Manager or the Company Contact, upon which the user gets an email to sign-in. | ||
| 34 | A temporary password is created and emailed as well, which has to be changed at the first login to the iPaaS Portal. Users are connected to organizations in eMagiz. | ||
| 35 | In the administration section of the user, an MFA token can be used to enable the Multifactor Authentication on a user level. | ||
| 36 | Typical authenticators on a smartphone can be used such as Google Authenticator. | ||
| 37 | An MFA response is required for model owners to manage the permissions on a model level and for any Edit activity in Production environments. See the next sections for more details on these functions. | ||
| 38 | |||
| 39 | === 3.2 Users access to models === | ||
| 40 | |||
| 41 | Users can be added to Integration models, which hold all the configurations required to run the different integrations for the TAP environments. | ||
| 42 | Integration models are connected to organizations in eMagiz to ensure the integration model remains within the limits of the license agreements. | ||
| 43 | Users can be added to integration models of the organization where the user belongs to. Users can't be added to integration models of other clients. | ||
| 44 | |||
| 45 | === 3.3 User authorizations to models === | ||
| 46 | |||
| 47 | Every integration model has a model owner who can distribute rights across functionalities and environments. | ||
| 48 | In the picture below, one can see the various options available across the Integration Life Cycle (ILM) Phases Capture through Manage. | ||
| 49 | The model owner manages the user permissions and needs to have the MFA authentication level activated before making any changes. | ||
| 50 | |||
| 51 | * In case of Edit permission is granted on an ILM phase, all the sub-options can be configured | ||
| 52 | * View rights mean that all options can be viewed only | ||
| 53 | * In case the user has no Edit or View rights to a certain ILM phase, the phase will not be displayed at all in the eMagiz iPaaS Portal | ||
| 54 | * Model owners are assigned to integration models by the previous model owner, the company contact or an eMagiz administrator | ||
| 55 | * An audit trail is kept of the changes made in the model permission structure | ||
| 56 | |||
| 57 | [[image:Main.Images.Microlearning.WebHome@crashcourse-platform-manage-portal-security-basic--integration-project-rights.png]] | ||
| 58 | |||
| 59 | === 3.4 Partner user access to models === | ||
| 60 | |||
| 61 | Partner organizations are supported in eMagiz. | ||
| 62 | Model owners can select a user from their organization or the connected partner organization. | ||
| 63 | The connection between client and partners organization is managed by eMagiz administrators | ||
| 64 | |||
| 65 | === 3.5 Password policy & Validity === | ||
| 66 | |||
| 67 | Below the relevant items for the password policy in the eMagiz Portal | ||
| 68 | |||
| 69 | * There is no expiry policy on the password - eMagiz has a Forget Password functionality. | ||
| 70 | * Password must be 8 - 20 characters long, cannot contain white spaces, and must contain at least one digit, one upper case, and one lower case letter." | ||
| 71 | |||
| 72 | == 4. Key takeaways == | ||
| 73 | |||
| 74 | The portal security consists of multiple parts: | ||
| 75 | |||
| 76 | * User access to Portal | ||
| 77 | * User access to Integration Models | ||
| 78 | * User authorizations to Integration Models | ||
| 79 | * Partner user access to Client environments | ||
| 80 | * Password Policy & Validity | ||
| 81 | |||
| 82 | For each aspect, it is good to know how the security is set up by eMagiz. | ||
| 83 | |||
| 84 | == 5. Suggested Additional Readings == | ||
| 85 | |||
| 86 | If you are interested in this topic and want more information on it please read the help text provided by eMagiz. | ||
| 87 | )))((({{toc/}}))){{/container}}{{/container}} |