⚙️Tenant Settings
04/2024
Last updated
04/2024
Last updated
Your CII identity security platform contains a range of tenant-wide settings and management features. This article provides a quick overview of each section and links to additional documents.
For CII users that would prefer a Dark Mode theme, click the Dark Mode option to toggle the theme of the UI. To revert to Light Mode, simply click the drop-down menu under your name and toggle back to Light Mode.
Under your name in the top right corner of the dashboard, the second menu option is Profile.
The profile section provides information about your user admin user profile within Oort. Actions available include:
Toggle the CII weekly tenant digest email on/off
Reset MFA for the Oort auth platform (not your own IDP or SSO MFA platform) - see Accessing and Securing your Oort Tenant for more information.
The System Logs page provides auditing events for your Oort tenant. For more information, please see the System Logs article.
The Tenant Settings page contains a number of different tenant-wide settings, including:
When logging into the Oort console, you can specify the landing page initial shown. Options include Dashboard, Users, Checks, or Integrations.
The Sensitive Applications list defines applications within your tenant that should be especially monitored for a variety of reasons, such as sensitive data, license cost, and unused entitlements.
For example, the Sensitive Apps list can be used in the configuration of specific Checks or Insights, such as the Unused Applications for a User.
This setting controls when your Oort tenants collects new integration data and sends daily notifications for non-event streaming enabled Checks or Observations. Note that the time is in UTC.
The default idle timeout for the Oort console is 15 min. Use this setting to change the timeout to align with your preferred security policy.
Oort can leverage specific groups within your primary IDP to define roles and permissions within the Oort tenant.
The roles and associated permissions are further outlines in the Role-based Access (RBAC) and Tenant Access Logsarticle.
The Protected Population feature within your tenant allows you to scope the Identity Intelligence Checks to only one or more specific groups from your IDPs.
Data will still be collected for user accounts that are not a member of one of those groups. However, Checks analysis will not be available and notifications will not be generated for any detections for those users, as they are unprotected by Identity Intelligence.
NOTE - Any changes in the Protected Population configuration will be reflected in the next full collection and analysis for your tenant. To manually trigger this process, go to the Integrations page as with a full admin account and select "Collect Now" for one of your identity sources, such as Entra ID, Okta, Google, or Duo Security.