Setting access permissions

Data governance regulations, including GDPR, HIPAA, SOC2, PCI DSS, and CPA, require organizations to monitor sensitive information for unauthorized exposure and access. By default, users have access to sensitive data. To meet compliance requirements, use the Permissions tab to define an access strategy and apply necessary restrictions based on your organization's needs.

To configure your permissions:

  1. Sign in to the Coro console .
  2. From the sidebar, select Control Panel to access the Control Panel .
  3. Select User Data Governance :

    User Data Governance

  4. Select the Permissions tab:

    User Data Governance permissions

    note

    Coro displays sections matching the selected data types in the Monitoring tab.

Adding a new permission

To add a new access permission for a selected user or group, perform the following steps:

  1. Select + ADD PERMISSION to include new permission settings for:
    • All Users : All protected workspace users.
    • Specific Groups of Users : A named group of users, identified from the connected cloud applications.
    • Specific Users/Domains : A named user or email domain.
    • All unprotected internal users : All unprotected/protectable users that belong to an internal domain in this workspace.
      note

      Admin users can only permit unprotected internal users to access sensitive data. Coro does not allow expose permissions in this case.

  2. Coro displays a dialog enabling you to add a new permission for the selected user or group:

    image info

  3. Use the Select Data Type dropdown to select the privacy-sensitive or business-sensitive data type to monitor:

    User Data Governance Type

    note

    Coro shows a list reflecting the selected data types in the Monitoring tab.

  4. Select one of the following permissions from the Permission dropdown:
    • Can Access : Enable the named users or groups to view information.
    • Can Access and Expose : Enable the named users or groups to view and share information with anyone (regardless of that person's own permission settings).

    Permission

  5. If you selected Specific Groups of Users or Specific Users/Domains , enter the names of the users, groups, or domains to which you want this permission to apply:

    Permitted users or groups

  6. Select ADD to save your changes.

    Coro saves the permission and adds it to the list on the Permissions page.

Editing or removing an existing permission

To edit or remove an existing permission, perform the follwoing steps:

  1. For the permission you want to edit or remove, select the existing permission setting:

    Permission setting edit menu

  2. Select from one of the following options:
    • Can Access : Enable the named users or groups to view information.
    • Can Access and Expose : Enable the named users or groups to view and share information with anyone (regardless of that person's own permission settings).
    • Remove Permission : Revoke and remove this permission.