Syncplicity Support

Follow

User and Group Lookup Policy

This policy allows company admins to set restrictions on how internal users lookup recipient's email and group names when sharing files or folders.

Policy Use Case

As an enterprise, Company A wants to control the exposure of personally identifiable information (PII). Also, Company A has provisioned partner accounts within their tenant. When they share files or folders, they do not want users (that belong to a partner) to lookup other users. By default, Syncplicity allows all internal users to lookup all provisioned users within their tenant. Company A admins can set this policy to restrict this type of lookup.

Procedure

NOTE: This policy does not apply to admin user accounts.

To set the User and Group Lookup policy, perform the following steps:

  1. Log in to Syncplicity as an administrator.
  2. Select Policies → Create a new policy set → Security → User and Group Visibility → Internal.

  3. Select one of the following options:
    • Allow lookup of all users and groups - Allows an internal user to lookup all users and groups within your company without any restrictions. By default, this option is selected for all users.
    • Limit lookup of users and groups to groups they belong to - Allows an internal user to lookup only the users and groups they are members.
    • Block lookup of all users and groups - Prevents an internal user to lookup any users or groups within your company by setting restrictions for this type of lookup.
  4. If there are two policies for two different groups configured, it is important to understand how this may impact the groups. For details, review the following section that provides sample scenarios for this type of configuration. 

Sample Scenarios

Groups configuration:

Group

has the following users

Group-1

User-1
User-2

Group-2

User-2
User-3

Group-3

User-4

No Group

User-5

Policy configuration and result visibility for users and groups:

If the following Policy set is applied...

User

can see the following users

can see the following groups

Allow lookup of all users and groups

User-1

User-2
User-3
User-4
User-5

Group-1
Group-2
Group-3

User-2 User-1
User-3
User-4
User-5
Group-1
Group-2 
Group-3
User-3 User-1
User-2
User-4
User-5
Group-1
Group-2
Group-3
User-4 User-1
User-2
User-3
User-5
Group-1
Group-2
Group-3
User-5 User-1
User-2
User-3
User-4
Group-1
Group-2
Group-3

Limit lookup of users and groups to groups they belong to

User-1

User-2

Group-1

User-2 User-1
User-3
Group-1
Group-2
User-3 User-2 Group-2
User-4 - Group-3
User-5 - -

Block lookup of all users and groups

 

 

 

User-1

None

None

User-2

None

None

User-3 None None
User-4

None

None

User-5

None

None

 
 
Powered by Zendesk