Support Center

Enable/ Disable and LOCKDOWN

Last Updated: Mar 15, 2019 05:40PM PDT
This article provides Administrative guidance for disabling SSProtect operation, useful when protecting from imminent threats or managing suspicious behavior.

Introduction
As an Administrator of high-value resources in an Organization, you are likely to encounter situations that call for a need to disable end-user data access or system operation. SSProtect provides highly secured operations in support of these needs.

Privileged Operation
Operations described in this article must be carried out by an Organization Administrator or Delegate. Operations only apply to Accounts within the managed Organization. In some cases, operation requires coordination with another Privileged User and/ or DefiniSec Support. Details are described in related sections, below.

User Interface Details
This article does not described UI elements, controls, or procedures in detail. For each consideration, you will find general guidance often sufficient to understand how to carry out related tasks. For more information, refer to articles specific to the noted UI displays.


Disabling Individual Accounts
You cannot Disable an Individual Account with today's version of the software. If such a need arises, contact Support to coordinate proper forward action.


Disabling Organization Accounts
You can disable (and also re-enable) one or more Accounts in your Organization from within the Administer Users dialog, available to Privileged Users in the notification tray's context menu. This operation results in an :Assess event history entry for visibility to other Privileged Users.

When you disable an Account, you not only prohibit subsequent SSProtect Login, but also immediately disable all further User operation. Login attempts present an error message noting that the Account has been Disabled, and in-Session attempts to continue using the software offer similar results.

Note that target Account Users are not currently notified when this occurs.

Managed Content
Data managed by a Disabled Account remains accessible to authorized Users, subject to Sharing Policy. Because you can independently control with whom you share data and those able to access your content, you can also Disable a Third Party Trust relationship. Refer to articles in the :Collaborate Topic to gain more insight on how to manage these relationships.

Note that you cannot disable Organization Account access to content generated by other Organization Accounts - even if they are disabled.

Further, if you Delete an Account, his/ her sharing peers retain access to shared content. However, when re-protecting, the Operating Mode reverts back to Optimized Offloading since the owning Account's :Recover Archive is no longer active.

For detailed insight on different scenarios, contact our Support department as described at the end of this article.

Disabled Organizations and Licensing
You cannot disable an entire Organization of Accounts, though you can encounter this dynamic if for example you do not abide by your License Agreement. Any attempt to Login to an Account in a Disabled Organization reflects this specific case, different from a Disabled Account. Similarly, any action taken from within a previously active Session will reflect the same.

If you encounter this dynamic, contact Support to resolve the issue. For more information specific to Licensing, refer to the article, SSProtect Licensing.

LOCKDOWN for Organizations
LOCKDOWN is different from Disable in that it is applied to all Organization Accounts, though with limited impact to Privileged Accounts. LOCKDOWN requires the coordinated action of two qualified Privileged Users in conjunction with your Service Provider.

The procedure for executing LOCKDOWN, along with the resulting impact, is at present described in the article, Administering Client Resources.


Getting Further Assistance
You can search this site for more information on various topics, or use this link to submit a specific request. You can also send email directly to support@definisec.com, and our staff will respond to your needs as soon as possible.

In the meantime, don't forget to check out our primary website and Insights columns for information on current trends, security topics, and how our technologies relate.

 

This article was updated w/ v9.1.0 of the :Foundation Client

Contact Us

ed5301d112e75fde24d469c55568f50b@definisec.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete