How to Configure a Policy
Policies are an essential part of the Bitium setup process, as it serves to give IT admins the flexibility they need to assign permissions around the various applications in your organization.
Policies are comprised of permissions and access control lists. Permissions include the ability to assign an app and the ability to view the password for an app. Access control lists include the list of roles that will be granted the permissions. These roles are admins, group admins, and a specific admin.
Policies are essential for a number of reasons, many of which are outlined below:
- Enables all admins, group admins, or a specific admin to assign applications that were added by one admin. Otherwise, admins that did not enter in the password for an application will be prompted for a password when assigning that application.
- Allows all admins, group admins, or a specific admin the ability to view a password for either a shared application (configured by another admin) or passwords for individual applications (configured by end users).
- Grants all admins the ability to close out Tasks associated with the applications that were added by an admin other than the admin trying to close out the Task.
- Gives new admins, group admins, or a specific admins inherited permissions for the apps included in the policy.
- Ensures permissions for apps are propagated to all admins, which is critical in the event an admin leaves the organization.
To configure a policy in your organization:
Manage “your organization.”
Click “Access Control Lists.”
Click on the “Admins” access control list (By default, all admins will be granted the permissions set in the policy. To add additional roles, click “Settings” and “edit” to add rules).
Click “Add Apps.”
Select the apps that you would like to add to the policy (By default, the apps you select will be “assignable” for all admins. To add “assign and view” permissions as well, meaning all admins can view the passwords for these apps, click the eyeball associated for each app).
To ensure that future apps added in your organization are automatically applied to a policy, we recommend that your turn on our Default Policy option.
It is important to note that the permissions applied in a policy are only effective if the credentials are “Managed” for the apps included in the policy. To learn more about how a password for an app can become “Managed,” please refer to How to see a user’s password.