Setting access permissions
Data governance regulations, including GDPR, HIPAA, SOC2, PCI DSS, and CPA, require organizations to monitor sensitive information for unauthorized exposure and access. By default, users have access to sensitive data. To meet compliance requirements, use the Permissions tab to define an access strategy and apply necessary restrictions based on your organization's needs.
To configure your permissions:
- Sign in to the Coro console .
-
From the sidebar, select
to access the Control Panel .
-
Select
User Data Governance
:
-
Select the
Permissions
tab:
note
Coro displays the sensitive data types that match those selected in the Recommended data types section on the Monitoring tab.
-
Select
+ ADD PERMISSION
to include new permission settings for:
- All Users
- Specific Groups of Users
- Specific Users/Domains
-
Use the
Select Data Type
dropdown to select the privacy-sensitive or business-sensitive data type to monitor:
-
Select one of the following permissions from the
Permission
dropdown:
- Can Access : Enable the named users or groups to view information.
- Can Access and Expose : Enable the named users or groups to view and share information with anyone (regardless of that person's own permission settings).
-
Select
ADD
to save your changes.
Coro saves the permission and adds it to the list on the Permissions page.
To edit or remove an existing permission:
-
Select the permission access setting and select a different option from the
Permission
dropdown: