Wiki source code of Portal Security - Basic
Last modified by Erik Bakker on 2023/01/24 15:24
Hide last authors
author | version | line-number | content |
---|---|---|---|
12.1 | 1 | {{container}}{{container layoutStyle="columns"}}((( | |
1.1 | 2 | Securing your solution and your data is a shared responsibility between eMagiz and you. | |
3 | |||
4 | In this microlearning, we will educate you on the basics of the security of the eMagiz Portal. | ||
5 | |||
6 | == 1. Prerequisites == | ||
7 | |||
8 | * Basic knowledge of the eMagiz platform | ||
9 | |||
10 | == 2. Key concepts == | ||
11 | |||
12 | This microlearning centers around eMagiz portal security. | ||
17.1 | 13 | With portal security we mean: Ensuring that your model is not accessible for those who have no right to access your model. | |
1.1 | 14 | ||
15 | The portal security consists of multiple parts: | ||
16 | |||
17 | * User access to Portal | ||
17.1 | 18 | * User access to Integration Models | |
19 | * User authorizations to Integration Models | ||
1.1 | 20 | * Partner user access to Client environments | |
21 | * Password Policy & Validity | ||
22 | |||
23 | For each aspect, it is good to know how the security is set up by eMagiz. | ||
24 | |||
15.1 | 25 | == 3. Portal Security - Basic == | |
1.1 | 26 | ||
27 | Securing the portal is done in various ways. | ||
17.1 | 28 | In this microlearning, the focus will be on user access to the portal, to models, and how to determine that a user has exactly the rights he/she needs to execute their job. | |
1.1 | 29 | We will discuss each of these aspects below one by one. | |
30 | |||
31 | === 3.1 User access to the portal === | ||
32 | |||
18.1 | 33 | Users can be added with their email address by the eMagiz Partner Manager or the Company Contact, upon which the user gets an email to sign-in. | |
1.1 | 34 | A temporary password is created and emailed as well, which has to be changed at the first login to the iPaaS Portal. Users are connected to organizations in eMagiz. | |
35 | In the administration section of the user, an MFA token can be used to enable the Multifactor Authentication on a user level. | ||
36 | Typical authenticators on a smartphone can be used such as Google Authenticator. | ||
17.1 | 37 | An MFA response is required for model owners to manage the permissions on a model level and for any Edit activity in Production environments. See the next sections for more details on these functions. | |
1.1 | 38 | ||
17.1 | 39 | === 3.2 Users access to models === | |
1.1 | 40 | ||
17.1 | 41 | Users can be added to Integration models, which hold all the configurations required to run the different integrations for the TAP environments. | |
42 | Integration models are connected to organizations in eMagiz to ensure the integration model remains within the limits of the license agreements. | ||
43 | Users can be added to integration models of the organization where the user belongs to. Users can't be added to integration models of other clients. | ||
1.1 | 44 | ||
17.1 | 45 | === 3.3 User authorizations to models === | |
1.1 | 46 | ||
17.1 | 47 | Every integration model has a model owner who can distribute rights across functionalities and environments. | |
1.1 | 48 | In the picture below, one can see the various options available across the Integration Life Cycle (ILM) Phases Capture through Manage. | |
17.1 | 49 | The model owner manages the user permissions and needs to have the MFA authentication level activated before making any changes. | |
1.1 | 50 | ||
51 | * In case of Edit permission is granted on an ILM phase, all the sub-options can be configured | ||
52 | * View rights mean that all options can be viewed only | ||
53 | * In case the user has no Edit or View rights to a certain ILM phase, the phase will not be displayed at all in the eMagiz iPaaS Portal | ||
17.1 | 54 | * Model owners are assigned to integration models by the previous model owner, the company contact or an eMagiz administrator | |
55 | * An audit trail is kept of the changes made in the model permission structure | ||
1.1 | 56 | ||
12.1 | 57 | [[image:Main.Images.Microlearning.WebHome@crashcourse-platform-manage-portal-security-basic--integration-project-rights.png]] | |
1.1 | 58 | ||
17.1 | 59 | === 3.4 Partner user access to models === | |
1.1 | 60 | ||
61 | Partner organizations are supported in eMagiz. | ||
17.1 | 62 | Model owners can select a user from their organization or the connected partner organization. | |
1.1 | 63 | The connection between client and partners organization is managed by eMagiz administrators | |
64 | |||
65 | === 3.5 Password policy & Validity === | ||
66 | |||
67 | Below the relevant items for the password policy in the eMagiz Portal | ||
68 | |||
69 | * There is no expiry policy on the password - eMagiz has a Forget Password functionality. | ||
70 | * Password must be 8 - 20 characters long, cannot contain white spaces, and must contain at least one digit, one upper case, and one lower case letter." | ||
71 | |||
19.1 | 72 | == 4. Key takeaways == | |
1.1 | 73 | ||
74 | The portal security consists of multiple parts: | ||
75 | |||
76 | * User access to Portal | ||
17.1 | 77 | * User access to Integration Models | |
78 | * User authorizations to Integration Models | ||
1.1 | 79 | * Partner user access to Client environments | |
80 | * Password Policy & Validity | ||
81 | |||
82 | For each aspect, it is good to know how the security is set up by eMagiz. | ||
83 | |||
19.1 | 84 | == 5. Suggested Additional Readings == | |
1.1 | 85 | ||
86 | If you are interested in this topic and want more information on it please read the help text provided by eMagiz. | ||
12.1 | 87 | )))((({{toc/}}))){{/container}}{{/container}} |