- What do I need to enable my Security Officers?
- How can I configure my Security Officers?
- Who can be a Security Officer?
- What products require a Security Officer approval?
- What type of actions require a Security Officer?
- How does the Security Officer workflow approval works in GAT+?
- How does the Security Officer workflow approval works in GAT Flow?
The Security Officer is a user from your domain that is responsible for approving or denying the changes requested by any Admin.
What do I need to enable my Security Officers? #
To enable Security Officers you would need to have a paid licence with the Admin Plan or higher for Enterprise and is included in all the plans for Education.
How can I configure my Security Officers? #
To configure your Security Officers you would need to firstly have a paid licence as per the previous question and secondly email us at unlock@gatlabs.com
Only the GAT Labs team can add, remove or change the Security Officers in your domain.
For easier management, it is recommended to have at least two Security Officers in the domain. If you don’t have a second person you can create a service account such as unlock@yourdomain.com
Who can be a Security Officer? #
The Security officer can be any user of the domain, it does not matter what Google Workspace privileges they have.
What products require a Security Officer approval? #
GAT Unlock within GAT+ and GAT Flow
What type of actions require a Security Officer? #
- Allow setting up Email delegation within GAT+
- Allow setting Email auto-forwarding within GAT+
- Allow change of ownership of Drive files within GAT+
- Allow altering Drive files by adding and replacing existing permissions
- Allow copying Drive files
- Allow viewing File content
- Allow download of the File content
- Allow viewing Email content
- Allow download of Email content
- Allow Admins to onboard offboard and modify users within Flow
How does the Security Officer workflow approval works in GAT+? #
When the Admin sends a request for any action that requires Security officer approval, an email will be sent to the officer.
The email will look similar to the screenshot below, depending on what is the request for.
Clicking on the link ‘click here’ will lead to the Security officer tab in GAT+.
By default selecting the link from the email will lead to the exact field from where the request can be approved or denied.
In each of the section, the Security officer just selects the request and approve or deny it.
File management will have the file permission changes required, Folder copy for copying folders, Grants is for view or downloading of files and emails. More information can be checked in the Dashboard section.
How does the Security Officer workflow approval works in GAT Flow? #
When the Admin creates a workflow and sends it to the Security Officer for verification, an email will be sent to the officer.
The Security Officer will receive an email notification that the workflow is waiting for verification.
By default selecting the link from the email will lead to the exact field from where the request can be reviewed and then approved or denied.
During the approval process, a message will appear confirming that the approval is indeed intended.
Once approved, the workflow is scheduled to run.
The workflow Requester receives an email notification about the approval.
Once completed successfully, another email is sent to the Requester informing them about workflow completion.
By default selecting the link from the emails will lead the workflow Requester to the exact field of GAT Flow from where the results can be reviewed.
NOTE:
- Only the GAT Labs Staff can enable Security Officers. Please contact us at unlock@generalaudittool.com for more information.
- For easier management, it is recommended to have at least two Security Officers in the domain.
- GAT Unlock is not activated during trials for security reasons.
