Swif now provides a solution for organizations to manage user account permissions across device groups efficiently. Admins can configure policies to ensure that all user accounts (except the Swif Admin account) on devices within a specified device group are automatically set to Standard permissions. This feature improves security by restricting unnecessary admin access while ensuring flexibility when administrative tasks are required.
Key Features
Device Group-Level Setting: Automatically enforce account permissions for all devices in a specific group.
Standard Permission Default: Ensures all accounts (except Swif Admin) on a device have Standard access, reducing potential security risks.
Dynamic Policy Adjustment: When admin-level access is temporarily needed, adjustments can be applied seamlessly without disrupting group policies.
How to Configure Automatic Standard Permissions
Access the Device Group Settings
Log in to the Swif Admin Dashboard.
Navigate to Device Management > Device Groups.
Select the device group you want to configure.
Set User Account Permission Sync
Enable the User Account Permission Sync option.
By default, Standard permission is chosen
Apply the Setting
Save the changes to enforce the setting across the selected device group.
Temporary Administrative Access for an Admin
If an admin needs to use a device temporarily with their elevated permissions:
Go to Device Detail > Accounts
Set to Admin Permission for a duration:
Swif will automatically set the account to admin permission.
Revert to Standard Permissions:
Once the admin session ends, the device reverts to enforcing Standard permissions for all user accounts (except Swif Admin).
Benefits of This Feature
Enhanced Security:
Reduces risks associated with unnecessary admin access by defaulting to Standard permissions for all user accounts.
Flexibility for Admins:
Temporarily deploy admin-level policies for specific use cases without disrupting group-level settings.
Simplified Management:
The centralized configuration ensures consistent permission enforcement across all devices in a group.
FAQs
What happens if a new user logs into a device?
The policy automatically sets their account to Standard permissions, ensuring consistent security enforcement.Does this affect the Swif Admin account?
No, the Swif Admin account retains its administrative privileges and is excluded from the Standard Permission Enforcement policy.Can I apply this policy to multiple device groups?
Yes, you can configure this policy for as many device groups as needed.
Conclusion
Swif’s automatic Standard Permission Enforcement simplifies device group management, enhances security, and ensures flexibility for administrative tasks. By maintaining a secure baseline of permissions while allowing temporary admin access, this feature helps organizations balance productivity and security seamlessly.
For more information or assistance, contact Swif Support at support@swif.ai.