Managing User and Account Security

Modified on Thu, 29 Aug at 8:02 PM

Introduction

The ARMOR Asset Management Portal provides robust security features to control what assets or sites a user can access. This guide explains the structure of security controls and how to manage visibility for users based on their assigned account and customized security scopes.


Security Structure Overview

The security system in the ARMOR portal is organized into two primary layers:

  1. Accounts: Accounts act as the primary security container. Each account has a defined Security Scope that controls the visibility of assets and sites by using Scope Tags. These tags can be any attribute assigned to an asset or site, such as manufacturer or customer.

    1. Accounts are created by ARMOR Technologies support staff on shipping OR by completing the Onboarding Wizard when a new user is setup. 

  2. The structure for Scope Tags is typically in the format: 

    [["customer:Demo"]]
  3. Users: Users are linked to an account, and by default, inherit the security scope of the assigned account. However, additional customization can further refine what each user can see. 


Managing Account Security

Scope Tags

Scope Tags are crucial in defining the visibility of assets or sites within an account. These tags could represent various attributes such as:

  • Customer: [["customer:DEMO"]]
  • Manufacturer: [["manufacturer:General Motors"]]
  • Region: [["region:North America"]]

Scope Tags can also be stacked to contain multiple tags to give additional visibility. These tags would represent multiple areas of visibility such as:

  • Customer and Manufacturer: [["customer:Demo"],["manufacturer:General Motors"]]
  • Customer and State/Region: [["customer:Demo"],["_geo_state:Florida"]]

When you set Scope Tags at the account level, they determine which assets or sites users associated with that account can view.


Example:
If the Scope Tag is set as [["customer:DEMO"]], users assigned to this account will only see assets or sites tagged with "customer:DEMO".



Managing User Security

When creating or editing a user, you can define their Security Scope. There are three options available:

  1. Inherit From Account
  2. Scope Tags
  3. Scope Assets/Sites


Inherit From Account

If the Inherit From Account option is selected, the user will have the same visibility as the account they are assigned to. This is the default option and does not require additional configuration.


Scope Tags

If you choose Scope Tags, you can further refine the user's visibility by specifying additional tags. This is useful for limiting a user's access to specific subsets of the assets or sites that the account can see.


Example:
If the account has a Scope Tag of [["customer:DEMO"]] but the user only needs access to assets manufactured by General Motors, you can set the user's Scope Tag as: [["manufacturer:General Motors"]]


This means the user will only see assets tagged with manufacturer:General Motors within the DEMO customer account.


Scope Assets/Sites

The Scope Assets/Sites option allows you to define visibility at the individual asset or site level. When this option is selected, two additional boxes (Assets and Sites) appear.

  • Assets Box: Allows you to add specific assets that the user should have access to.
  • Sites Box: Allows you to add specific sites that the user should have access to.

How to Add Assets or Sites:

  1. Click the plus button next to the Assets or Sites box.
  2. A search box will appear.
  3. Search for the specific asset or site you want to grant access to.
  4. Select the asset or site to add it to the user’s visibility scope.

This method is particularly useful when a user only needs access to a few specific assets or sites.

Example:
If a user only needs access to a single site, you can choose the exact site that this user has access to. All other sites that the Account has access to will be hidden from the user's view.

Conclusion

The ARMOR Asset Management Portal’s security controls are highly customizable, allowing you to tailor visibility based on various attributes such as account scope, tags, or individual assets/sites. By understanding and utilizing these features, you can ensure that users have access only to the information they need, enhancing security and operational efficiency.

For further assistance or more detailed instructions, please refer to the help documentation or contact support.


-- ARMOR Support

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article