For example, the predefined security group is Classification and contains the marks Top Secret, Secret, and Confidential. Only users assigned to the Top Secret mark can see files that have been marked as Top Secret. This works in the same way for any additional security groups that you set up.
You can set up additional security groups to match your company requirements, for example, security groups for nationality and job role.
- Click Admin Tools and then click Security Controls > Configure.
- Click Create Security Group.
- Enter a name for the security group.
Select a Group Type for how security clearance will be applied for this group:
- All = Users must have all security marks from the group that are
applied to a file to see that file.
Example: A Security Group named Training contains security marks of Media and Data Handling. To see a file marked as both Media or Data Handling, then a user must have both Media and Data Handling clearance.
- Any = Users must have at least one of the security marks from the
group that are applied to a file to see that file.
Example: A Security Group named Nationality contains security marks of UK, US, and Aus. To see a file classified as UK and US, then a user must have UK and / or US clearance.
- Hierarchical = Security marks are ranked in the order they're
created. The mark created first in a security group has the greatest clearance, the one
created last the least clearance.
Example: The predefined Classification group has marks of Top Secret, Secret, and Classified. To see a file classified as Secret, then the user must have Secret or Top Secret clearance.
- All = Users must have all security marks from the group that are applied to a file to see that file.
Once you've created a security group you can:
- Click on the group to add security marks to it
- Click to edit the group name.
- Click to delete the group.
You can't delete a group or its marks if it contains marks that are assigned to
content.Note: No-one else can access a security group until you add security marks to it.
Once marks are added to the group, only users who have been assigned one of the marks can see the group.