Provide Access to a Limited Set of Data

By default, only users designated in Netwrix Auditor are allowed to view its configuration and collected data. This policy ensures that only authorized and trustworthy users access sensitive data and make changes.

However, in some cases, organizations need to provide certain employees with access to a limited set of audit data. For example, an auditor might need to review particular access reports once or twice a year. You can provide these users (recipients) with means to review the data they need without actually running Netwrix Auditor. This ensures that dedicated specialists have access to the data while preventing data breaches and ensuring that sensitive data is not being distributed across the whole company.

Netwrix recommends granting limited access permissions to employees who need to:

  • Review audit data periodically in accordance with company policy

  • Review audit data accumulated over time
  • Be notified only in case of a rare incident

To grant limited access to audit data, you can:

Do.. Recommended use

Schedule email report subscriptions

This is helpful when you want to share information with a group of employees, external consultants, auditors, and so on. Reports are sent according to a specified schedule and recipients can review them, but they do not have any other means to access audit data. Basically, this option is enough for employees who are interested in a high-level summary—for example, an auditor who performs monthly access rights attestation on critical folders or a senior manager.

Publish reports to file shares

This scenario works great for a helpdesk with several departments. Assume, each department has its own field of responsibility and must not disclose information to other departments. You can configure Netwrix Auditor to publish reports to folders that can be accessed by employees from a specific department only. You might set up the following folders and permissions:

  • The user support team has access to a folder with reports on account lockouts and password resets.
  • File server helpdesk personnel have access to a different folder with daily reports listing all file removals.
  • The helpdesk supervisor has access to both folders.

Configure alerts

This is helpful for rare occasions when you have to notify some senior specialists about critical system state that has to be addressed immediately, e.g., CISO must mitigate risks in the event of massive deletions in the sensitive data storage.