Organization Administrator

ProtectNow! Support
  • Updated
Follow

This article shows you how to create an SSProtect Organization and operate as its' Administrator.

Introduction

Every SSProtect Organization has one single Organization Administrator responsible for Provisioning the Organization, delegating administrative control to other AccountsDelegates, and maintaining ongoing control over resources.

Procedure Summary

To Provision an Organization, you will carry out the following tasks: 

  1. Become familiar with content in the article, Accounts, Identities, and Roles
  2. Make sure you understand details in the article, Admins and Organizations
  3. Review the article, Keys and Config Data, and plan Delegation
  4. Review remaining articles in Concepts and Deployment Sections as you see fit
  5. Choose your Organization Name and submit your request to Support
  6. Download and Install your SSProtect :Foundation Client instance
  7. Provision and Register your Administrator Account
  8. Manage 1st Time Login to Export and safeguard Organization Keys
  9. Self-Deploy a Delegate Account to continue remaining Administrative tasks

Once you have completed this procedure, you and/ or other Users can continue to provision additional Organization Accounts working as Organization Delegates.

Requesting an Organization

Provision your Organization by submitting a request to your DefiniSec Representative or Support. You will need to provide your email address and target Organization Name (see next section), then you can proceed using the Registration Email and Download, Install, and Provisioning guidance in the article, Organization Delegate.

Organization Name

SSProtect Organizations often group together Users from teams inside a company rather than all Users across all divisions/ businesses - unless of course the company is very small or the number of SSProtect Users remains limited.

This has an impact on how you choose to name your Organization, since naming consistency facilitates efficiency when coordinating information sharing and Incident Response.

Most often, it's best to choose an Organization Name that reflects both your formal business entity and the team(s) associated with associated Users you will manage. This name is subject to approval by your MSP (in this case DefiniSec), and it must reflect your business entity in some fashion (usually with some variation of a <Company>-<Team> format).

Organization Names cannot include spaces, are case-sensitive, can include letters and numbers, and the following symbols:

    ()\-_@.

Organization Names scope and identify end-user SSProtect Login Profiles. More importantly, they reflect :Collaborate peer permissions and are visible in :Assess and :Respond reports. For more information, refer to the article, Trusts, Profiles, and Server Sets.

Downloading, Installing, and Registering

Once your Organization Name is approved (which may require some back-and forth discussion), you will receive a Registration Email you can use to download, install, and provision as described in the article, Organization Delegate.

1st Time Use

The first time you use the software, you will be prompted to carry out additional tasks. As the one Organization Administrator, you must export Account and Organization keys. This is described in the article, 1st Time Use.

CRITICAL EXPORT KEYFILE INFORMATION

Remove the exported key file from your system: Never store it on network-connected systems. Also make sure you maintain access to its' password. As the Organization Administrator together with any Delegates you deploy, maintain critical Organization Keys that can be used to recover access if you forget your Account password.

If you do not deploy other Delegates and remain the only Privileged User for the Organization, this keyfile is the only way to recover your Account password and access to managed content. For more information regarding SSProtect keys, refer to the article, Credentials, Keys, and 2FA.

Provisioning Delegates and Users

You have the authority, as the Administrator, to provision and manage all other Users. In most cases, this is the first, and only, task carried out after Exporting Keys (above) during 1st Time Use. Use your newly Provisioned Administrator Account to create a Delegate Account, then proceed to provision additional users.

For procedural guidance, refer to the article, Organization Delegate, and consult the the article, Managing Organization Users for details.

Additional Resources

Make sure to review Concepts and Deployment Section Articles before deploying an Organization for production use.

For additional guidance, search this site for more information on various topics, or use this link to submit a specific request. You can also send email directly to support@definisec.com, and our staff will respond to your needs as soon as possible.

In the meantime, don't forget to check out our primary website and Insights columns for information on current trends, security topics, and how our technologies relate.

This article was updated w/ v8.5.1 of the :Foundation Client