Skip to content

Data Access Security Admin Help

The terms "user" and "user permissions" in Data Access Security are used in two different contexts:

  • Business Resource Users - Entities within the organization, their access permissions to various company resources, and the activities they perform on these resources.
    • Users - Entities such as company employees and bots with access to company resources.
    • User Permissions - Permissions or capabilities granted to a user to perform tasks such as reading and writing to a Windows File Server, sending emails, writing to Google Drive, deleting files, etc.
  • Data Access Security Users - Administrators and users of Data Access Security and their access permissions to various parts of the application. What reports they can run, what resources they are allowed to view, etc.


Review the following main capabilities of Data Access Security:

  • Crawling - Crawling is a process that discovers the business resources of a specific application, such as folders, mailboxes, etc. It is the first task performed on an application, since business resources are required for many other capabilities, such as Permissions Collection and Data Classification.

  • Identity Collection - The Identity Collector is a software component responsible for synchronizing identity data (for example, accounts and attributes) from identity stores.

  • Permission Collection - Permissions Collection is a process that discovers and collects permissions on the business resource of an application. These permissions are later used and displayed in Permissions Forensics, Access Certification campaigns, Access Requests, and in other locations.

  • Data Classification - The Data Classification mechanism provides the ability to discover and classify resources and files containing sensitive information, such as credit cards, personal information, and health records.