Account and App Security
Overview
This guide outlines the different security roles and types within the CSI Cloud Platform. See also Getting Started in the Cloud Dashboard for guidance in setting up iMIS security credentials for user access to the Cloud Dashboard.
What is an Admin User?
An Admin User is a user with administrative privileges within the context of the CSI Cloud Platform.
Admin users can:
View a list of all active app subscriptions
View and manage other Admin Users
View and manage App Security for all other users
Update account settings, including the Background Account
Admin users cannot:
Use a particular Cloud App, unless they are also assigned to it (see below)
Log in as, or impersonate other users within their organization
Who can be an Admin User?
Any iMIS staff member with active user credentials in iMIS can be an Admin User.
How do I manage Admin Users?
Sign in to the CSI Cloud Dashboard with an existing app user, and go to My Account > Add or Remove Admin Users.
Default Admins
iMIS Cloud
The first user to sign in to the Cloud Dashboard becomes an admin. If this user is deactivated or removed from iMIS, it is possible to end up without a valid admin account.
In this scenario, please contact CSI support providing your Cloud ID, and we will manually add an admin user back for you.
iMIS 2017
MANAGER is always considered an admin, so if you are not able to log in as an admin, please log in with the MANAGER account and add a second admin user.
What is App Security / an App User?
An App User is someone who has been assigned permission to use a particular cloud app within the CSI Cloud Platform.
App users can:
Browse and use any Cloud Apps that they have been assigned to
App users cannot:
Add or remove other App Users
See or use any Cloud Apps that they have not been assigned to
Who can be an App User?
Depending on the app, either any iMIS staff user with an active login, or any contact record in iMIS with an active username.
How do I manage App Users?
Sign in to the CSI Cloud Dashboard with an existing app user, and go to My Account > Assign or Remove Users.
Permissions Overview
The following table lists the permissions and roles matrix.
App User | Admin User | Notes | |
|---|---|---|---|
Log In to the Cloud Dashboard | |
| Any user in iMIS with credentials can log in, but if they are not an admin, and not assigned to any apps, they will only see an empty dashboard. |
Use a given Cloud App |
|
| Admin users cannot explicitly use any Cloud Apps, unless they assign themselves as an App User to each app. |
Add or Remove App Users |
|
| |
Add or Remove Admin Users |
|
| |
Update the Background Account |
|
| |
View Subscription Information |
|
|
Organization Example
The following table shows an example organization, including each staff user, their assigned role(s), and what functions they can perform in the CSI Cloud Dashboard.
Name | Department | Assigned Role(s) | Notes |
|---|---|---|---|
Bob S. | IT | Admin User | Bob needs Admin User rights to be able to manage the app security for his organization, including assigning other staff members to the Cloud Apps they've purchased. Bob isn't an App User because he doesn't need to use any Cloud Apps himself. |
Jeff T. | IT | Admin User | Jeff's manager Bob has given him Admin User rights, so that in the event that Bob is unavailable, Jeff can also manage App User assignments. Bob has also asked Jeff to keep the Background Account up to date. Jeff has also set up a few outbound data transfers via DataStation that he needs to manage, so he has assigned himself to be able to use DataStation. |
Veronica W. | IT | App User - Cloud SSO | Bob has given his developer, Veronica, access to the Cloud SSO app so that she can manage the SSO apps and settings that she is developing with. |
Sarah E. | Membership | App User - iEmail Cloud | Sarah is an App User who has been assigned to iEmail Cloud and iDMS iImport because Sarah is in charge of keeping membership records up to date. |
Rebecca N. | Marketing | App User - iEmail Cloud | Rebecca is an App User who has access to iEmail Cloud, so that she can send e-mails to committees and groups of members in iMIS more easily. |