The following additional management options are available.
Due to legal regulations, it may be necessary to anonymize users. Anonymization means that the user is replaced in the organizational context in all shortcuts by a special user provided for anonymization. An example of such a shortcut is the user stored in the Created by field of any object.
Anonymization also includes saved versions and audit log entries. Closed documents and documents with a retention period are, however, excluded from anonymization.
Terminating a Membership
When you terminate the membership of a user you are managing, you can choose whether to deactivate the user. Upon deactivation, all personal data except first name, surname and e-mail address will be irrevocably deleted.
The compliance managers are defined via the organizational roles. When a user's membership is terminated, compliance managers are notified by e-mail. The compliance managers can immediately anonymize the user, identify all links to the user or define a reminder for a specific point in time. Since anonymization or identification of the links takes some time, the compliance managers are informed of the outcome by e-mail.
Once the links have been determined, compliance managers can view the links if they have access rights or inform the affected Teamroom administrators to review the links. The “Review” button can be used to mark the Teamrooms as reviewed. Thereby, the Teamroom administrators must define whether they believe that the links can be made anonymous. After all opinions have been collected, the compliance manager can anonymize the user if applicable (“Anonymize User” button).
The anonymization use cases can be carried out at any time for users who are no longer members of the organization using the “Anonymize User” context menu command. The context menu command can also be executed on the organization, in particular to anonymize users who, for example, worked in Teamrooms in the context of the organization but were never members.
Deletion Request by a User
If Fabasoft receives a deletion request from a user, the compliance managers of the organizations concerned are informed about the deletion request and asked anonymize the user.
Deleting the User
Once a user has been completely anonymized in all affected organizations, it is automatically deleted.
Before executing this use case make sure that you no longer need your data. This step cannot be undone.
As owner or co-owner, you have the option to dissolve all Teamrooms (including app rooms and app configurations) of your organization and irrevocably delete the contained data. In addition, all objects of the organization with the security context “ACL for Objects Without a Teamroom” are deleted.
To perform this use case, you can utilize the “Advanced” > “Dissolve All Teamrooms” context menu command on your organization.
To ensure traceability in organizational management, the corresponding changes are logged (for example, member added or organizational role assigned). To view the events, navigate to your organization and click the “Show New Events” action.
Via the time travel you can access the versions, which were created due to the changes.
You can get a detailed overview of the users in your organization Teamrooms. The evaluation can be restricted to members of a team, external organization or to a single (external) member.
This list displays you all users that have access rights on organization Teamrooms. Via the “More Details” button you will get more information to the user like editions and apps of this user. As owner or co-owner you will also see the Teamrooms of the organization in which the user has access rights. You can download the data as CSV file.
With the help of a device binding, a user can remain permanently logged in to the Fabasoft Cloud (see also chapter ““Authentication” tab”). You can use the “Devices” action of an organization member to log out a permanently logged in device.
To define data protection settings for your organization, perform the following steps:
Trusted networks are used, for example, in the validation of cookie-based user sessions. During the authentication process, a cookie is issued to identify the user session. This cookie is linked to the user's current device for security reasons. The device is identified by the IPv4 address of the network connection. The user session becomes invalid when the IPv4 address changes. In rare cases it may happen that the IPv4 address changes even though the device remains the same (e.g. if several proxies are involved or the IPv4 address of the device is reassigned). In this case, the user session also becomes invalid and the user must log on again.
However, by defining secure address ranges, a user session remains valid even if the IPv4 address has changed, provided that the new IPv4 address is within the configured range.
To define trusted networks, perform the following steps:
The branding allows you to create personalized Teamrooms. If a branding is defined for an organization, Teamrooms are initialized with this branding. The branding is available if the “Branding” tool is activated.
To create a branding for your organization, perform the following steps:
Note: Users with full control in a Teamroom can use the “Branding” tool to define a logo, a title and a short formatted description for the respective Teamroom.
For an overview of all e-mails sent in the course of organizational use cases (invitations, exclusion, etc.), the corresponding e-mails are displayed in the properties of the organization on the “E-Mail Communication” tab.