Permissions

There are seven different levels of access a user may possess in the MOVEit DMZ system. The seven levels in order of increasing privilege are Anonymous, Temporary User/Guest, User, GroupAdmin, FileAdmin, Admin and SysAdmin.

The following table summarizes what each class of user permission can and cannot do. ("Y" = yes, "*" = if allowed/configured) Anonymous users (i.e., users who have not signed on) may only submit Webposts and attempt to sign on to the system as an authenticated user.

Hint: Permission to download or upload files from specific folders is controlled in the "Permissions and Settings" section of those folders. Permission to send packages to specific users is controlled by "Address Books." Users can also inherit various rights from the groups of which they are members.

Anonymous

By definition anyone who has not signed onto the system is an anonymous user. Anyone who has signed onto the system becomes an authenticated user. As expected, an anonymous user enjoys the narrowest set of rights on the MOVEit DMZ system.

File Rights: An anonymous user may submit web forms into specific MOVEit DMZ "webpost" folders. Anonymous users may not upload/download files or send/receive packages.

Administrative Rights: An anonymous user may view the login screen of any particular Organization. If the user provides a valid username and password on the sign on screen, the user will be granted additional rights. Anonymous users are also barred from seeing the current version number of product. (Authenticated users may see the version number.)

Example(s):

• Nancy notices an advertisement on Woodstock First Bank's web site for a CD with a great rate. She clicks on a "sign me up" link which displays a form the bank created. Nancy fills out the form and submits it. The form opens a secure connection across the internet into the MOVEit DMZ system and deposits whatever information Nancy provided into an encrypted file on the MOVEit DMZ system. Nancy never needed to sign onto the MOVEit DMZ system but she nonetheless took advantage of a MOVEit DMZ feature. Therefore, Nancy is an anonymous user.
• Melissa is an IS employee of Woodstock First Bank and has an account on the MOVEit DMZ system. She opens a browser bookmark on her local system which pops up the MOVEit DMZ system login page. As long as Melissa sees the login page, Melissa is an anonymous user. After she successfully logs in through this page Melissa will be an authenticated user.

Temporary User/Guest User

Temporary Users are an optional class of user that can be enabled and disabled per organization. They are only available in organizations where Ad Hoc Transfer is enabled. Temporary Users are user accounts that can be created by selected users on the DMZ system, and provide a minimal level of access to DMZ resources. Temporary Users are only allowed to participate in Ad Hoc Transfer; they do not have access to folders on the DMZ system and cannot upload and download files, except when those files are associated with packages. They are only allowed to sign in to DMZ through the web and API interfaces, not the FTP or SSH interfaces. Temporary users (like other users) can be configured to expire after a certain amount of time has passed. (See the Expiration Policy Feature Focus page for more information about expiration policies)

File Rights: A temporary user may view packages sent to them, download files from the package, and may send packages to users who they are authorized to send to. Temporary users may not participate in any other form of file transfer, and have no rights to any folders on the DMZ system.

Administrative Rights: A temporary user may change his or her password.

If the organization administrator configures Ad Hoc Transfer to create 'Temporary Users', when a registered user sends a package, the temporary-user recipients will receive a password for that package only. The temporary-user recipients will log on with that password, and can view a package, download files in it, and reply to the package. The Temporary User will have an account on the MOVEit DMZ system; the Temporary User suits limited-time use scenarios.

If the administrator enables Unregistered Senders along with 'Temporary Users', an unregistered user can self-register as a temporary-user sender. The temporary-user senders will either be automatically logged on after self-registering with a "Captcha" or they will manually log on with password using either a password or "password link" sent by email after they self-register. Then they can create a package, upload files to it, and send it.

Example(s):

• Mary is a registered Ad Hoc Transfer user. She is on the phone with Thomas, who is not a registered user, but she has a need to send a package and/or some files to Thomas. Normally, Mary would need to get her administrator to add Thomas to the system, but because temporary users have been enabled, Mary can send her package to an email address rather than someone in her drop-down address book of registered users. As part of the process of composing her new package, Mary is prompted for Thomas' email address, full name and a password; Mary gives Thomas that password over the phone.
  
  Thomas is now set up as a temporary user. Thomas has limited access to Ad Hoc Transfer (he can only communicate with Mary) and his account will be automatically expired after 7 days of inactivity (or whatever Mary's administrator set the temporary user expiration settings to be).
  
  In a few seconds Thomas will get an email message containing a link to the new package Mary posted for him. He can use his email address and the password Mary provided him over the phone to sign on, view the package, download files, and reply and send files to Mary.
• David is an unregistered user, but he has access to a MOVEit DMZ sign on page or equivalent that has be configured to enable self-registration as a temporary user. He has a need to send a package and/or some files to Mary, a registered Ad Hoc Transfer user. Normally, Mary would need to get her administrator to add David to the system, but because self-registration as a temporary user has been enabled, David can self-register and send Mary a package to her email address. Following the process of self-registering, as configured by the organization administrator, David enters Mary's email address, his email address, and the letters in the presented "Captcha" question (which shows distorted letters and requires correct entry). David is next asked to enter a password.
  
  David has now been set up as a temporary user. For this package, he has limited access to Ad Hoc Transfer (he can only communicate with Mary) but he has been set up to have wider access (the ability to send to other users) until his account expires. His account will be automatically expired after 7 days of inactivity (or whatever Mary's administrator set the temporary user expiration settings to be).
  
  In a few seconds Mary will get an email message containing a link to the new package David sent to her. She can use her email or DMZ account to view the package, download files, and reply and send files to David.

A Guest User has capabilities similar to a Temporary User, except that the Guest User is further restricted to viewing or sending a single package. If the administrator configures Ad Hoc Transfer to use 'Package Passwords', when a registered user sends a package, the guest-user recipients will receive a password for that package only. The guest user recipients will log on with that password, and can view a package, download files in it, and reply to the package. The Guest User will not have an account on the MOVEit DMZ system; the Guest User suits one-time use scenarios.

If the administrator enables Unregistered Senders along with 'Package Passwords', an unregistered user can self-register as a guest-user sender. The guest-user senders will either be automatically logged on after self-registering with a "Captcha" or they will manually log on with password using a password sent by email after they self-register. Then they can create a package, upload files to it, and send it.

User

User accounts provide a basic level of access to the clients, customers and partners of a particular organization. Every user account comes with a home directory into which users can upload files for the organization and into which the organization will copy files for the user. Through the use of secure sockets, an encrypted channel is used to transport sensitive files safely between a user's home folder and the user's local computer across the Internet.

Frequently users are granted additional privileges to read files from organizational distribution folder.

A user lacks the power to view the files or activities of other users, but a user does have online access to an extensive audit of every activity which took place against their files or account. In any active organization most MOVEit DMZ accounts will be user accounts.

File Rights: A user may transfer files between his or her local computer and his or her home folder. A user also frequently has the ability to read files from one or more distribution folders.

Administrative Rights: A user may track his or her files and may see when changes were made to his or her account details. A user may change his or her own password, contact information and email address.

Example(s):

• Max is an employee in the human resources department of Argyle Industries. Argyle Industries uses Woodstock First Bank to process its payroll. Max wants to send his highly sensitive payroll file in a secure fashion directly to Woodstock First Bank. Max should not be allowed to see the payroll files sent in by other companies. Max is an ideal candidate for a user account.
• Fred is a customer of Plaid Software, having purchased its award-winning Kilt software and related support. Plaid Software wishes to make the latest version of Kilt available to its customers at all times so it sets up a "Kilt" distribution folder and allows Kilt licensees to download files from this folders. Fred is an ideal candidate for a user account with additional rights to read from the Kilt distribution folder.

GroupAdmin

GroupAdmin permission is granted to Users on specific Groups. This class of permission will NOT appear in the "Permission" field of a user's record, but it will be indicated in the list of groups this user belongs to. GroupAdmin permission can mean different things depending on the specific group settings, but it generally means that a GroupAdmin has a limited ability to add/remove/modify other users in the GroupAdmin's group.

GroupAdmins are typically promoted to their position to allow remote administrators access control over a group of related users. For example, an insurance company may delegate GroupAdmin control to an IT staffer at a partner provider with twenty separate users on the insurance company's MOVEit DMZ. This would allow the IT staffer to control access by employees (or ex-employees!) of his own company. (This is particularly useful when dealing with companies with high turnover.)

See Web Interface - Groups - GroupAdmins for more information.

Hint: Add all users to an "All Users" group and make help desk Users GroupAdmins of the "All Users" group to allow your help desk to change passwords but not access the MOVEit filesystem.

FileAdmin

FileAdmin accounts allow selected people in the offices of a single MOVEit DMZ Organization to work with ALL files received from multiple Users and multiple anonymous web form submissions. Because of its relative power, the FileAdmin access level is an optional access level designed as a convenience for small organizations who wish to give a small group of trusted people complete access to any file which passes through their organization. (Larger organizations will find it useful to divide sections of file authority by assigning privileges to user groups.) One exception to this rule are accounts set up to allow MOVEit Central to connect; Central accounts are commonly FileAdmin accounts.

Hint: Use a FileAdmin account to connect MOVEit Central to MOVEit DMZ.

File Rights: A FileAdmin may view, edit, move, delete and download files from any folder in his or her Organization. A FileAdmin may create new folders or delete old folders. A FileAdmin may also upload files from his or her local computer into the MOVEit DMZ system.

Administrative Rights: A FileAdmin may track any files in his or her Organization including all files uploaded by his or her Organization's Users. A FileAdmin may see when changes were made to his or her account details. A FileAdmin may change his or her own password, contact information and email address.

Example(s):

• Erik is a corporate accounts specialist with Woodstock First Bank. Erik wants to pick the payroll files from Argyle Industries and several other customers off the MOVEit DMZ system. Erik should not have the power to change the corporate color scheme or add new users. Erik is an ideal candidate for an FileAdmin account.
• A corporation would like to set up an MOVEit Central inside their private network to automatically download and process files received from various customers. IT staff would like the MOVEit Central to browse and pull files from any folder on the MOVEit DMZ system. MOVEit Central will most likely require a FileAdmin account.

Admin

The most powerful account in any Organization is an Admin account. These accounts allow people in the office of a MOVEit DMZ Organization to control the appearance, users, groups and security settings of their particular Organization. An Administrator has the power to add and delete other users, change colors and specify who users should contact with problems or questions. There will normally be only one or two Administrators for each MOVEit DMZ organization.

File Rights: (same as FileAdmin) An Administrator may view, edit, move, delete and download files from any folder in his or her Organization. An Administrator may create new folders or delete old folders. An Administrator may also upload files from his or her local computer into the MOVEit DMZ system.

Administrative Rights: An Administrator may track any files in his or her Organization including all files uploaded by his or her Organization's Users. An Administrator may see when changes were made to any account in his or her Organization. An Administrator may add or delete Users, FileAdmins and Administrators and may change the password, contact information and email address of any user in his or her Organization. An Administrator may change Organizational settings such as colors, corporate logo, contact information and the "Message of the Day" displayed to everyone who signs onto his or her Organization.

Example(s):

• Linda is a trusted IT manager of Woodstock First Bank. Linda is in charge of adding and removing user accounts, matching the appearance of the MOVEit DMZ system with the Woodstock First Bank theme and occasionally needs to figure out what happened to a certain file. Linda is an ideal candidate for an Administrator account.

SysAdmin

The most powerful accounts on any MOVEit DMZ server are SysAdmin accounts. SysAdmin accounts allow people from the organization(s) hosting and/or sponsoring the MOVEit DMZ server itself to create, configure and remove Organizations. A SysAdmin also has the power to act as an Administrator of any particular Organization on the MOVEit DMZ system with one important exception: SysAdmins are not allowed to read or write files to or from any particular organization. This restriction not only enforces the privacy and confidentially of each organization, but also ensures that the administrators of each system remain in control over those users who may work with the local filesystem.

Because of their great power, SysAdmin accounts should be protected carefully and used only to establish, configure or remove organizations or to change global settings which no other account can. (By default SysAdmins are allowed onto the system only if they are actually seated at the MOVEit DMZ console.)

Hint: Unless you run a data center with multiple MOVEit DMZ organizations, it is generally easier to do most of your administrative tasks (e.g., add/delete users) as an Admin in your default organization instead of as a SysAdmin.

File Rights: A SysAdmin may view, download and delete system-wide audit files. SysAdmins may NOT view, upload or download files to or from institutions, although SysAdmins certainly do have this power within their own restricted "Org #0".

Administrative Rights: A SysAdmin may track any significant errors which occurred on the system as well as any activities he or she or any other SysAdmin performed. A SysAdmin may enable or disable any file processing service and may add, modify or delete entire Organizations. (More power is available after assuming the role of Administrator for a particular Organization.)

Special Abilities: A SysAdmin may assume the role of an Administrator for any Organization. When a SysAdmin "drills down" into an Organization, a SysAdmin temporarily loses the abilities of a SysAdmin and gains those of that Organization's Administrator, minus the ability to work with files. A SysAdmin may "pop up" into full SysAdmin mode by leaving that Organization.

Example(s):

• Standard Bank Services purchased MOVEit DMZ to provide secure data transport and collection services to three member banks. Jason is an employee of Standard Bank Services and has been given the task of setting up and maintaining Organizational accounts. As part of his duties Jason also provides help over the phone and he occasionally finds it useful to view Organizational settings. Jason is an ideal candidate for a SysAdmin account.

Navigation Links

The navigation links displayed on the left side of the screen are determined by the current user's permission.

The following table summarizes the relationship between permission and visible links. ("Y" = yes; "*" = if licensed and org-level option enabled)