References:

See the SETUP - RESTRICTED interface here.

GENERAL SUMMARY:

  • This module is specific and restricted to the BUSINESS version of OBAKE.
  • This module was created to set some security features in each OBAKE copy/computer. Its main goals:
    • Allow or prevent the OBAKE users in this computer from changing some specific features during the files operations; and
    • Provide a capillary way to add a COMPULSORY AUTHORIZATION to all data encrypted through this specific copy/computer.
  • This option is intended to be used by the Information Security team (the company's technicians) or Area Managers. This module must be accessed through a unique login and PIN code.
  • The LOGIN and PIN are provided by another tool (OBAKE SETUP CONFIGURATOR), specifically designed to authorize technicians from the Information Security area or other related sectors of the company, such as the Information Technology or Compliance/Auditing areas. Therefore, this tool allows the registration of authorized technicians to set the controls found here, with great security. Please see the details about this tool in the topic within this chapter.


OPERATION SUMMARY:

  1. Open the OBAKE and let the technician access the RESTRICTED AREA. We strongly recommend that you or a person for you indicated to follow the technicians to see every change they are performing through this module
  2. They must inform their logon (the authorized e-mail) and PIN found in their mobile phone.
  3. Only after authorization can the technician change any setting or point to OBAKE some certificates (people) that must be present in all encryption performed in this specific computer/copy - like a SECTOR/AREA certificate (e.g., General Auditing or Compliance Area), or the area's manager certificate.
  4. All encryption will add all certificates indicated in the grid as "authorized persons" and allowed to get access to the encrypted files. Because of it, they are called "compulsory certificates" or "compulsory shares".
  5. Important: "compulsory authorizations" cannot be removed from any encrypted file, nor if using the CHANGE AUTHORIZATIONS module.