What's covered in this article
Capture allows agencies to enforce the principal of least privilege through a Role Based Access Control Group (ACG) Model, with functionality of each aligned with a specific user persona. It is imperative Capture administrators understand the Capture ACG model and only assign ACGs appropriately and based on the users needs, position and delegation within the organisation.
Access Control Groups within Capture
Below is the general explanation of the Access Control Groups, their use-cases and a general explanation of their capabilities from a permission standpoint.
-
General User (Restricted) - Low Risk: This is the ACG with least privilege and is allocated by default. This ACG has the rights to create, edit, search, read and export their own records only.
-
General User (Privileged) - Low Risk: This is the ACG, the user can search for and view notes made by members of their organisation where no protective marking is applied (Unofficial, Official - or a customer's equivalent). This allows for enhanced intelligence capabilities across an organisation, and 'point in time' information when responding to, or dealing with an incident. However, the user will cannot access information where a protective marking has been applied such as OFFICIAL: Sensitive (or an organisations equivalent) where a record will be returned indicating the information does exist, but will not show the content of the information. For entries marked PROTECTED (or an organisations equivalent), a search will not return any result/reference - let alone the content. This user cannot edit any data other than their own.
-
Intelligence Units - Medium Risk: This ACG has the same rights as Baseline (Privileged), however, can search the entire agency’s data. For entries marked PROTECTED, the search results only return that information exists and who owns the data, with a prompt and feature to contact that user for disclosure of the information requested. This user cannot edit any data other than their own.
-
Supervisor - Medium Risk: This ACG has the same rights as Baseline (Privileged), however in addition, can search, read, and export user all records (other than when marked 'Private') within their Work Unit (for example, the supervisor of a local police station or specialist unit). Returned searches exclude all notes marked as private by the creating user. This user cannot edit any data other than their own.
-
Integrity Units - High Risk: This ACG has the same rights as Baseline (Privileged), however, can search, read, and export the entire agency’s data, including private However, they cannot access data classified as OFFICIAL: SENSITIVE or PROTECTED. The Integrity ACG can also examine the Audit Portal to scrutinise Search Logs and Export Logs. This user cannot edit any data other than their own.
-
CEO or Delegate - High Risk: This ACG has the same rights as Baseline (Privileged), however, can search, read, and export the entire agency’s data, including private records and records marked up to PROTECTED. This user cannot edit any data other than their own.
-
Agency Lawyer - Very High Risk: This ACG has the same rights as Baseline (Privileged), however, can search, read, and export the entire agency’s data, including private records and records marked up to PROTECTED. This user can edit data, but only limited to removing or applying classifications, IMM/DLM to assist in court disclosure and redaction.
- IT Administrator - Extreme Risk: This ACG has the same rights as Baseline (Restricted). However, they have access to the Capture Admin Portal to administer user accounts, including the provision of ACGs. Agency clients must be aware of the risks associated with this ACG and allocate accordingly based on their own risk assessment.
Classification/Information Visibility within Access Control Groups
The below table depicts the conditional access of each ACG to specific classifications and markings applied to Capture entries. When current user is not the owner of the entry, the Title, Body, Location and Attachments should be:
Marking | General User (Restricted) | General User (Privileged) | Supervisor User | Intelligence User | Integrity User | CEO/Delegate User | Agency Lawyer/User | Administrator |
UNOFFICIAL | No Access | Show | Show | Show | Show | Show | Show | No Access |
OFFICIAL | No Access | Show | Show | Show | Show | Show | Show | No Access |
OFFICIAL:Sensitive | No Access | Return/Hidden | Show (C) | Return/Hidden | Return/Hidden | Show | Show | No Access |
PROTECTED | No Access | No Access | Show (C) | Return/Hidden | Return/Hidden | Show | Show | No Access |
Private | No Access | No Access | Return/Hidden | No Access | Show | Show | Show | No Access |
Assigning Access Control Groups
Users may request they be assigned a specific Access Control Group, based on their self assessed needs. However, this assignment needs to be approved by a Capture administrator with the Capture IT Administrator ACG privileges. This can be achieved though the Capture Web Application (desktop) or Native Desktop Applications only. Once a Capture administrator assigns an Access Control Group to a user, an email will be sent to all Capture administrators notifying them of the change, for peer review and security monitoring.
Ongoing Monitoring of Access Control Groups
The agency must establish a routine and policy of monitoring the Capture Access Control Groups and ensure the principal of least privilege is applied at all times. Altia has no oversight of Access Control Groups applied within an organisation/agencies Capture platform.
If you have any issues with this help article, please raise a support ticket, email support@altiaintel.com.
Comments
0 comments
Please sign in to leave a comment.