idgard User Manual Section II, Version 1


idgard User Manual

Section I: idgard at a Glance, Application Fields, Positioning, idgard vs. Others, Security Basics
Section II: Service Features, Application via Browser
Section III: Administrator Manual, Setting up Single Sign-on
Section IV: Application of Windows Productivity Tool, Application of Office Add-In (Outlook, Word, etc.)
Section V: Application via iOS App, Application via Blackberry / Android App, Application via WebDAV
Section VI: Further Tips & Tricks for Data Rooms
Section VII: API Definition

Table of Contents: Section II

1 Service Features Description
1.1 User Types
1.2 Privacy Boxes: Team Workspace
1.3 Creating Folders
1.4 Uploading, Moving, Renaming or Deleting Files
1.5 Easy Versioning
1.6 Viewing Files, Images and Videos without Download
1.7 Downloading Multiple Files & Directories
1.8 Deleting Files (Deletion Guarantee)
1.9 Granting Access to & Sharing Privacy Boxes
1.9.1 Creating & Using Box Links
1.9.2 Removing Box Links & Sealing Privacy Boxes
1.9.3 Adding Users per Click
1.9.4 Inviting Users as Guests
1.10 Writing, Reading, and Answering Messages
1.11 Chatting
1.12 New Files & Messages / Timeline
1.13 Marking Read Files as Unread
1.14 Locking Files (Check-in & Check-out)
1.15 Grouping Privacy Boxes & Tags
1.16 Key Words for Directories
1.17 Secure Login via 2-Factor Authentication
1.17.1 SMS Passcode
1.17.2 idgard Login Card
1.17.3 Vodafone Secure Login
1.18 Secure idgard Logout
1.19 Access & Rights Management
1.20 Access for Limited Periods of Time
1.21 Temporary Privacy Boxes (Automatic Deletion)
1.22 Auditable Data Rooms
1.23 Data Backup (with Sealed Backup)
1.24 Settings
1.25 Modifying Passwords
1.26 Creating a New PUK
1.27 Session Time-out
1.28 Help
2 Licenses, Roles and Rights Overview (Charts)
2.1 idgard Account Licenses & Rights
2.2 Administration Rights
2.3 idgard Privacy Box Roles & Rights
3 Application via Browser
3.1 idgard Login
3.2 idgard Classic Login
3.3 Browser Composition
3.4 Simultaneous Work with Multiple Privacy Boxes
3.5 Work per Timeline
3.6 Languages & Other Settings
Definitions / Glossary

1 Service Features Description

1.1 User Types

When you wish to communicate safely online, both within your business and externally, you can't necessarily expect your dialogue partner to use the same web privacy service as you. For this reason, idgard not only offers Full Licenses (licenses for staff in your own organization) but also one-time access (for non-recurring access) and Guest Licenses (for external parties granted reading and writing rights). With the aforementioned access types, you can invite external users to download files or, as a guest, to upload their own files.

If your Administrator has already registered your organization at idgard, then you will either receive a Full License from him/her per e-mail via access link, or your business has already prepared idgard access per Single Sign-on. In the latter case, simply click the idgard button in your browser or Intranet. If you receive a link, then it is either for one-time access or an invitation to become a regular user. In the former case, you simply have to respond to the security inquiry (captcha) and enter your name. In the latter event, you enter a user name and password of your choice, which grant you access to idgard.

1.2 Privacy Boxes: Team Workspace

The idgard service is founded on so-called Privacy Boxes. Each Privacy Box has storage space, in which files can be arranged in directories. These same boxes are also used to exchange messages, schedule appointments, and much more. Each Privacy Box grants access to a circle of authorized parties. The parties include the creator of the box, i.e. the Owner, and its further member(s). Said members can be granted or denied specific rights. A member may, for example, be granted Privacy Box management rights.

A user may also create Privacy Boxes for himself/herself only, without sharing them with others. However, the scope of members can also comprise all parties of a specific department or project. Finally, a Privacy Box may also be used for communication between merely two parties.

1.3 Creating Folders

Any user granted writing rights may create folders or directories within a Privacy Box. The user that created the folder, the Owner and the Box Manager can each move or delete the folder. Every folder can include a description and key words, in addition to its actual name.

1.4 Uploading, Moving, Renaming or Deleting Files

As long as the Owner or Privacy Box Manager has granted you the right, you may upload files either individually or collectively into each of the box's respective directories. These files and all other files can then be moved from one folder to another within that box, without having to be uploaded a second time, provided you have been granted the right. Lastly, you may delete the files that you uploaded yourself and, if granted the right, all other files in that box.

1.5 Easy Versioning

When you upload a file with a name that already exists in a particular directory, a version number automatically appears in parentheses next to the file name. An exception is made if you have previously locked the file. In this case, the file is overwritten with the same name. However, to lock a file, you need deletion rights, which the Owner or Box Manager can grant you.

1.6 Viewing Files, Images and Videos without Download

A variety of formats, i.e. PDF files, images, and videos, can be accessed with a simple click. These may be viewed (streamed) instantly, without having to define where they should be saved. Videos can be accessed before they are completely downloaded. If you nevertheless wish to download a file and save it locally, you can select this option upfront. This option is also available per click in the file preview, in which you can already see its content.

1.7 Downloading Multiple Files & Directories

If you wish to download more than one file or directory at the same time, simply mark them and click "download". This will automatically create a Zip file, in which the selected files and directories are wrapped together as one file.

1.8 Deleting Files (Deletion Guarantee)

Clicking the wastebasket deletes files and messages. In conventional systems, deleted files are often simply no longer visible but not actually completely deleted. With idgard, confirming deletion leads to irreversible "nonrestorability" of files (as per Level 3 pursuant to German DIN 66399 standard). An exception is made if Sealed Backup was activated for a particular Privacy Box prior to deletion (see 1.23).

1.9 Granting Access to & Sharing Privacy Boxes

If you have created a Privacy Box or were granted management rights by the Owner, you may share the box with third parties and grant them access rights to the Box, as well. To do so, simply click the "share" icon.

1.9.1 Creating & Using Box Links

One way to grant third parties access rights to a Privacy Box is to create and use a Box Link. Such a link (capability URL) allows you to a) grant a non-idgard user one-time access (read-only rights) to a respective Privacy Box or to b) grant an idgard user (possibly from an altogether independent business) lasting access to a particular Privacy Box. In either case, each call to a Box Link reduces the remaining number of access attempts by one. Said access limit is pre-set to "150". Both the Owner and Privacy Box Managers can set the access limit to their liking anywhere between "1" and "10,000".
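The Box Link rules in 1.9.1 (capability URL, access limit pre-set to 150 and adjustable from 1 to 10,000, one attempt consumed per call), together with the sealing rule described in 1.9.2, can be modelled as follows. This Python model is an added example and not idgard's own code: the class `BoxLink`, the `boxes.example` host, the status strings and the decision to count a call with a wrong Box Code against the limit are assumptions.

```python
import hashlib
import hmac
import secrets
import time

DEFAULT_LIMIT = 150                 # pre-set access limit stated in 1.9.1
MIN_LIMIT, MAX_LIMIT = 1, 10_000    # range the Owner / Box Manager may choose


def _code_digest(code: str, salt: bytes) -> bytes:
    # A Box Code is a human-chosen password, so it gets a slow salted hash.
    return hashlib.pbkdf2_hmac("sha256", code.encode(), salt, 50_000)


class BoxLink:
    """Hypothetical server-side record for the Box Link of one Privacy Box."""

    def __init__(self):
        self.key_generation = 0     # stands in for the box key; replaced on sealing
        self.remaining = 0
        self._salt = b""
        self._token_hash = None     # only a hash of the link secret is stored
        self._code_hash = None
        self._expires_at = None

    def create(self, limit=DEFAULT_LIMIT, lifetime_s=None, box_code=None, now=None):
        """Issue a fresh link and return its URL."""
        if not MIN_LIMIT <= limit <= MAX_LIMIT:
            raise ValueError("access limit must be between 1 and 10,000")
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)   # unguessable: 256 random bits
        self._salt = secrets.token_bytes(16)
        # The token is high-entropy, so a plain SHA-256 is enough for it.
        self._token_hash = hashlib.sha256(token.encode()).digest()
        self._code_hash = _code_digest(box_code, self._salt) if box_code else None
        self._expires_at = now + lifetime_s if lifetime_s is not None else None
        self.remaining = limit
        return f"https://boxes.example/link/{token}"   # placeholder host

    def seal(self):
        """Access limit 0 or 'seal': the link dies and a new key generation starts."""
        self.remaining = 0
        self._token_hash = self._code_hash = self._expires_at = None
        self.key_generation += 1

    def redeem(self, url, box_code=None, now=None):
        """Return 'ok', 'bad-code', 'bad-token', 'expired' or 'sealed'."""
        now = time.time() if now is None else now
        if self._token_hash is None:
            return "sealed"
        if self._expires_at is not None and now >= self._expires_at:
            self.seal()                     # an expired link leaves the box sealed
            return "expired"
        token = url.rsplit("/", 1)[-1]
        presented = hashlib.sha256(token.encode()).digest()
        if not hmac.compare_digest(presented, self._token_hash):
            return "bad-token"              # not a call to this link: nothing consumed
        # Assumption: every call with the valid link consumes one attempt, even
        # if the Box Code is wrong, so the limit also bounds online code guessing.
        self.remaining -= 1
        result = "ok"
        if self._code_hash is not None:
            supplied = _code_digest(box_code or "", self._salt)
            if not hmac.compare_digest(supplied, self._code_hash):
                result = "bad-code"
        if self.remaining == 0:
            self.seal()                     # last permitted call has been used
        return result


def demo():
    """Constructed run: limit 3, one wrong Box Code, then the link seals itself."""
    link = BoxLink()
    url = link.create(limit=3, box_code="tulip-42", now=0)
    results = [
        link.redeem(url, "wrong", now=1),
        link.redeem(url, "tulip-42", now=2),
        link.redeem(url, "tulip-42", now=3),
        link.redeem(url, "tulip-42", now=4),
    ]
    return results, link.key_generation


if __name__ == "__main__":
    print(demo())
```

Because the record keeps only hashes, a copy of the link table does not yield usable links or Box Codes, and a sealed link cannot be revived by restoring the old counter.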

Security Note: Both a) and b) scenarios can be secured with an additional 2nd factor, i.e. a further password of your choice. Alternatively, you may also opt to select a password from the code suggestions feature. By clicking the "disconnect" button, all existing sessions mentioned in a) are interrupted.

1.9.2 Removing Box Links & Sealing Privacy Boxes

If the Owner or a party granted management rights to a Privacy Box (Box Manager) sets the access limit to "0" (or simply selects "seal"), or if the previously defined lifespan of a Box Link expires, the link becomes invalid, i.e. null and void, and can no longer be used. The Privacy Box is then considered "sealed".

Security Note: Box Links contain a key that the idgard infrastructure uses to grant a user access rights. Upon sealing, a new key is created in the background with an internal key infrastructure (PKI) and deposited in the authorized parties' profiles, without ever leaving the idgard infrastructure. This enhances overall security.

1.9.3 Adding Users per Click

Another way to add further users to a Privacy Box is by simply add-clicking names in your organization's list of idgard users and guests.

1.9.4 Inviting Users as Guests

If you can't find an external party's name in said list, you can invite him/her as a guest. This third method of adding further users to a Privacy Box requires that you enter the guest's name, e-mail and, if applicable, mobile number and then send that external party an invitation link. When your external dialogue partner accesses this link, a form opens in which he/she can enter a user name and password of his/her own choosing. When logging on to idgard with the aforementioned data, he/she automatically becomes a member of the Privacy Box from which you sent the invitation.

Security Note: Entering a mobile number is recommended when an SMS Passcode is to be used for added security. Alternatively, one can also use an idgard Login Card or Vodafone Secure Login to this end. It's up to the sender to decide whether this added security should apply to mere registration or to every login thereafter in the form of 2-factor login. (See 2-Factor Authentication, 1.17.)

1.10 Writing, Reading, and Answering Messages

You may create and save messages in any directory. These messages are displayed next to the respective files of the same directory, so they are automatically viewed in the correct context. Hence, a reader associates message content directly with the respective file content. This spares elaborate explanations and saves time. Users may read and answer messages any time and establish threads (a series of messages in succession) akin to e-mail. These messages can be downloaded with files for the purpose of filing.

1.11 Chatting

If parties granted access to a given Privacy Box wish to communicate briefly and informally yet confidentially with each other, they can use the Chat feature. The history of all chat messages can be downloaded or deleted by the Owner and parties granted management rights to a Privacy Box.

1.12 New Files & Messages / Timeline

When idgard users create new files or write chat messages or memos, they are marked as unread. By clicking the marked Privacy Box or folder, the user intuitively accesses the unread files or messages. A separate view, the Timeline, lists notifications that can be sorted to one's liking according to time, Privacy Box, user, or file type. Users intuitively access unread files per click. This feature provides a quick overview of all changes regarding a specific group of users.

1.13 Marking Read Files as Unread

As soon as you open a file or message, it is marked as a read notification. However, if you realize you don't have the time to devote yourself to that file just then, you can mark it as unread again. That way, you can easily find the file or message at a later point in time, when you have more time.

1.14 Locking Files (Check-in & Check-out)

When working in teams, one often wonders who is currently working on a file, how to prevent various parties from modifying the file at the same time, and how to later conveniently consolidate the various results. The "Lock file" feature allows you to easily signal to other members of a Privacy Box that you are currently working on a file until it is again unlocked. As long as the file is locked, the other members of that respective Privacy Box see who locked it. During this period, the other members can download the file but not upload it under the same name. Only a user that has locked a file can save it under the same name.

Note: For smooth use of this feature, the users with check-out rights should be granted deletion rights, as well, so that substituting a file under a new name doesn't pose a conflict. This can be arranged by both Owners and Managers of a Privacy Box.

1.15 Grouping Privacy Boxes & Tags

When a user works intensely with multiple groups or teams via idgard, his/her general overview shows a large number of Privacy Boxes. To facilitate filing and allow each user to create an own, individual structure, each Privacy Box can be tagged. These tags are not visible to other users. In your tag overview, you may filter your Privacy Boxes according to tags, in order to quickly isolate various box groups (e.g. private, business, internal, external). You may also create interfaces.

1.16 Key Words for Directories

If you wish to make large file volumes available to other users or are granted access to Privacy Boxes with many directories yourself, then you can facilitate navigation using key words or catch phrases. One may create new key words per modification mode for a specific folder or simply choose from that section's list of given key words. Key words are visible to all parties within a Privacy Box.

1.17 Secure Login via 2-Factor Authentication

Due to the increased risk of ID theft when working online, i.e. that the user name or password are stolen or guessed via cyber-crime, we strongly recommend enforcing 2-factor authentication when using idgard:

1.17.1 SMS Passcode

In this case, with each login, once you have entered your user name and password, the idgard infrastructure automatically sends a six-digit code via SMS to your mobile phone. The SMS Passcode on the display of your mobile phone is then entered in the respective login field of your terminal. You are not granted access to idgard prior to this. Your Administrator(s) and/or the person who invited you to access idgard can arrange this setting for you. Should you not receive the SMS, due to poor mobile reception, you can also request it through an alternative path, using the link that is available next to the SMS Passcode entry field.

1.17.2 idgard Login Card

If you have an idgard Login Card, you will be asked to create a six-digit code using your Login Card every time you log in (i.e. once you have entered your user name and password), which is then entered into the displayed field. Your Administrator(s) and/or the person who invited you to access idgard can arrange this setting for you. idgard Login Cards are available at Uniscon.

1.17.3 Vodafone Secure Login

If you have booked Vodafone's feature "Secure Login" and your Administrator or the person who invited you to access idgard has adjusted this setting for you, each login via user name and password will route you to Vodafone, asking you to enter a PIN into your mobile device.

1.18 Secure idgard Logout

When logging off from idgard, you can choose between:
a) ending the current session only,
b) ending all sessions except the current one, or
c) ending all sessions, including the current one.

Option b) is particularly convenient if you logged on to idgard with a foreign or third-party device and have forgotten to log off. This instantly ensures that no unauthorized third party abuses this session. Irrespective of this feature, idgard automatically ends sessions once every 24 hours. This is only one of many further security features.

1.19 Access & Rights Management

Each Privacy Box has a "members" area, in which its Owner and Box Managers can grant its users specific rights. These rights consist of:
- reading rights
- writing rights
- deletion rights
- the right to view members within a Privacy Box
- the right to chat

The "Modify" area allows the settings of new Privacy Box members to be adjusted upfront. For a detailed breakdown of all licenses, roles and rights, see the chart in Chapter 2.

1.20 Access for Limited Periods of Time

Depending on when a Privacy Box's content applies, it is sometimes advisable to only grant members access rights for limited periods of time (e.g., if a communication shouldn't be announced too early but requires much preparation, or if an invitation to tender should only be downloadable commencing a specific date). The beginning and end of said access period's date and time may be specified when accessing the menu "Modify box properties" and "Box properties".

1.21 Temporary Privacy Boxes (Automatic Deletion)

In order to avoid data overkill and ensure that data is not stored longer than necessary, one can create a "Temporary Privacy Box". Your Administrator can adjust the respective settings and rights to be granted. As soon as the defined deletion date is reached, the Privacy Box is automatically deleted with its entire content. Notification of the user prior to expiration of the term is currently in development but not yet implementable. The Administrator can thus limit the lifespan of a Temporary Privacy Box.

1.22 Auditable Data Rooms

As long as an Administrator books Data Room licenses and grants the Owner or Privacy Box Managers the right to create a Data Room, they can upgrade a regular Privacy Box to a Data Room. In other words, PDF files can be assigned anti-forwarding security, if necessary. This is done either a) via dynamic watermark or b) via view-only feature. With a), every PDF file is marked with the name of the party who downloaded it and the time it was downloaded. With b), users are granted view-only rights and cannot download the files, which are also dynamically watermarked.

One can also set an alarm that is triggered if a specific number of files is accessed or downloaded by members of a Data Room within a defined period of time. The alarm alerts the Owner and Data Room Manager.

A further feature of the Data Room is that all activity, i.e. file uploads, downloads, deletion, etc., is stored in an auditable journal. Said journal can be accessed and downloaded in its entirety or in filtered form.

Finally, own usage terms can be defined for each Data Room, which are presented to each Data Room member prior to first usage (per click-through agreement, i.e. CTA). A user can then only access a Data Room once he/she has given his/her consent to the CTA. If usage terms are modified, each user is again asked to confirm his/her consent to the new terms.

1.23 Data Backup (with Sealed Backup)

Your Administrator may also book Sealed Backup. This protects your data in the data center in the event of loss, accidental deletion, or disaster.

Side Note: What is Sealed Backup? Conventional data security and backup systems, as opposed to idgard, have the drawback that they allow the service provider to access data in order to restore it. This requires that the service provider has an access key. Sealed Backup was invented exactly for this reason. In contrast to customary systems, with Sealed Backup, encrypted data is not restored back to its original system but rather, if necessary, to a separate system, where it can be downloaded per user name and password known only to you. In order to nonetheless be able to delete data as guaranteed in 1.8 if desired, Sealed Backup can be activated or deactivated individually per Privacy Box.

1.24 Settings

The Administrator of your organization can define various settings that apply to you, although not visible to you as a user. Thus, idgard fulfills a broad range of requirements and special demands. At the same time, the settings of other features may be defined by the individual user, according to his/her liking. To name only a few:
- preferred Privacy Box overview (tags, tiles, list, or compact view)
- preferred folder overview within a Privacy Box (keywords, tiles, list view)
- preferred language (Deutsch, English, Italiano, Francaise, Espanol)

1.25 Modifying Passwords

Should you have reason to believe that your password was misappropriated or stolen, or should your business decree password changes on a regular basis, you can do this via "Settings" and "Change password".

1.26 Creating a New PUK

Right after registration, when you select a user name and password, you are assigned a Password Unblocking Key (PUK). With this key, you can create a new password even without an existing idgard session. If you lose this PUK, you need a new one, which can be created and printed under this heading.

1.27 Session Time-out

The time-out, after which an idgard session ends automatically upon inactivity, can be set anywhere between 10 minutes and 8 hours by the user, provided this right was granted by the Administrator. The recommended time-out depends on the trustworthiness of the environment in which idgard is used. Short time-outs are recommended in cases in which unauthorized parties can easily access your computer, tablet, or mobile device. If you are certain that no unauthorized parties can access your session, you can also set long intervals, for added convenience.

1.28 Help

In the Help menu, you find the phone number of our idgard Support hotline, various e-mail contacts, fax numbers, links to manuals and the Terms & Conditions, and a model Commissioned Data Processing Agreement regarding the commissioned collection, processing or use of personal data, which we recommend you conclude.

2 Licenses, Roles and Rights Overview (Charts)

2.1 idgard Account Licenses & Rights

Licenses:
- Full Licenses: may be granted all rights
- Guest Licenses: granted limited rights and can not see internal directory

Rights to respective action:
1 means is granted the right
0 means is not granted the right
A means Administrator can define whether or not rights are granted

Full License | Guest License | Action
1 | 1 | Login with user name and password
1 | 1 | Add login security via 2-factor authentication
1 | 0 | Automatic login per Single Sign-on (SSO), LDAP/AD
1 | 0 | Can see the names of those granted a Full License within an account
A | 0 | Can invite guests
1 | 0 | Can see the names of guests created by oneself
A | 0 | Can see the names of those granted a Guest License within an account
A | 0 | Can create/modify Privacy Boxes
A | 0 | Can create/modify Temporary Privacy Boxes
A | 0 | Can create/modify Data Rooms
1 | 0 | May be granted administration rights
1 | 0 | May be granted Registration Administrator rights

The user that performs the initial registration is assigned a Full License and, owing to registration, the Registration Administrator role automatically. The user name and password, as well as the PUK of the Registration Administrator, are to be stored in a very safe place, since this data can not be restored by Uniscon (the service provider of idgard) for security purposes. For further details, please see the next subchapter and the Administrator Manual in Section III.

2.2 Administration Rights

Administrators:
- Registration Administrator: The user that performs an account's initial registration. All other users are "invited users".
- Administrator: A Full License user granted administration rights by an Administrator
- Regular User: A user with a Full License, who has the right to invite guests

Registration Administrator | Administrator | Regular User | Action
1 | 1 | 0 | Can book licenses online and: switch package deals; add further Full Licenses; add further Guest Licenses; order Data Rooms; order Sealed Backup; order SMS transfer of Passcode
1 | 1 | 0 | Can create and distribute Full Licenses
1 | 1 | 1 | Can create and distribute Guest Licenses
1 | 1 | 1 | Can bar/delete guests invited by oneself
1 | 1 | 0 | Can bar/delete all invited users
1 | 1 | 0 | Can see, for all Full Licenses: how many Data Rooms were created; how many guests were invited; which guests were invited
1 | 1 | 0 | Can see, for all licenses of an account: creation & registration date and time; date & time of first & last login
1 | 1 | 0 | Can adjust the settings of Full License rights to: invite guests; create Privacy Boxes; grant / revoke administration rights; create Data Rooms; view all guests
1 | 1 | 0 | Can adjust settings for all users: email notification/reminder on/off
1 | 0 | 0 | Can create Enterprise Secret for SSO
1 | 0 | 0 | Can apply for / access Sealed Backup snapshot

2.3 idgard Privacy Box Roles & Rights

Roles:

Owner: Creator of the Privacy Box
- only possible with Full Licenses and right to create Boxes
- internal staff member from own account or
- external party from external account

Box Manager: Is granted the right to manage a Privacy Box
- only possible with Full License
- internal staff member from own account or
- external party from external account

Full member: Regular member with Full License
- internal staff member from own account or
- external party from external account

Guest: Regular member with Guest License
- external party from own account or
- external party from external account

One-time access: Access via link, without idgard license
- no license or rights necessary
- if Box Code is activated, it must be available

Rights to respective action:
1 means is granted the right
0 means is not granted the right
E means Owner or Privacy Box Manager can define whether or not rights are granted

A means Administrator can define whether or not rights are granted

The (internal and external) representatives of the various roles can either be granted their rights from one's own account or from an (external) third-party account. Management rights may also be granted to parties coming from organizations other than one's own. This freedom enables very efficient project management beyond company borders.

Owner | Box Manager | Full Member | Guest | One-time Access | Action
1 | 1 | E | E | 0 | Can see other Privacy Box members
1 | 1 | E | E | E | Reading rights (folders, files, messages)
1 | 1 | E | E | 0 | Writing rights (folders, files, messages)
1 | 1 | 1 | 1 | 0 | Can lock all files
1 | 1 | 1 | 1 | 0 | Can unlock files locked by oneself
1 | 1 | 0 | 0 | 0 | Can unlock all locked files
1 | 1 | 1 | 1 | 0 | Can delete own files, messages, etc.
1 | 1 | E | E | 0 | Can delete unlocked files, etc. of third parties
1 | 1 | E | E | 0 | Can chat (read & write messages)
1 | 1 | 0 | 0 | 0 | Can download or delete chat messages
1 | 1 | E | E | E | Can participate in polls
1 | 1 | E | 0 | 0 | Can initiate polls
1 | 1 | 1 | 1 | 0 | Can add private tag to Privacy Boxes
1 | 1 | 0 | 0 | 0 | Can share Privacy Boxes (link, click, guest)
1 | 1 | 0 | 0 | 0 | Can modify Box properties, including: modify Box name; create/modify Box description; create Box Link, modify access limit; create/modify Box Code; add to / remove from Sealed Backup
A | A | 0 | 0 | 0 | Can convert Box into a Temporary Privacy Box & define auto-deletion date & time of Box
A | A | 0 | 0 | 0 | Can upgrade Privacy Box to Data Room
1 | 1 | 0 | 0 | 0 | Can adjust journal visibility setting
1 | 1 | E | 0 | 0 | Can view and download journal
1 | 1 | 0 | 0 | 0 | Can set Click-Through Agreement usage term
1 | 1 | 0 | 0 | 0 | Can set anti-screen-scraping alarm parameter
0 | 0 | 0 | 0 | 0 | Can set Data Room back to Privacy Box
1 | 1 | 0 | 0 | 0 | Can eliminate members
0 | 1 | 1 | 1 | 1 | Can be removed from Privacy Box
0 | 1 | 1 | 1 | 0 | Can remove oneself from Privacy Box
1 | 1 | 0 | 0 | 0 | Can grant full members management rights
0 | 0 | 1 | 0 | 0 | Can be granted new management rights to Box
0 | 1 | 0 | 0 | 0 | Can be rejected Box management rights
1 | 0 | 0 | 0 | 0 | Can delete Privacy Box and its entire content

3 Application via Browser

Users can access idgard with any common browser: Firefox, Chrome, Opera, Safari, Internet Explorer as of Version 11, etc. With idgard Classic, users even have limited access as of Internet Explorer 8 and unlimited access as of Internet Explorer 9.

3.1 idgard Login

For registered users, idgard access begins via login at my.idgard.de. If your account is connected to a Login Card, or the SMS Passcode feature has been activated, you must generate a one-time password with your Login Card or retrieve the SMS Passcode from your mobile phone.

3.2 idgard Classic Login

For registered users, idgard access begins via www.idgardbox.de. From here (or using the login button at www.idgard.de), you are automatically forwarded to https://idgard.itsmyprivacy.de/login.jsp, where you can access idgard by entering your user name and password.

3.3 Browser Composition

Logging on to idgard with your browser opens the following view:

1.) idgard Task Bar: The task bar at the top of your screen shows the idgard logo, which your organization's Administrator can replace with your own business logo. On the right-hand side of this bar, you find data regarding your current session. This is the time you accessed the last session, your name, the license type you are using, and your license's expiration date, if it no longer needs to be used. On the left-hand side of the task bar, you find the Site Navigator icon. It allows rapid access to your Privacy Boxes, as well as access to settings, help, and the button with which to close your session.

2.) Privacy Box Overview: When you begin a session, you instantly access a Privacy Box overview, which summarizes all the latest information in idgard. A green navigation bar at the top of your Privacy Box Overview can be used to search terms, select the preferred view, create new Privacy Boxes, or close your idgard session.

3.) The main part of this page shows you an overview of your Privacy Boxes, either as tiles (which are convenient if you have only a few Boxes and are using a touch-screen) or as a list. Data Rooms are emphasized explicitly.

4.) When a particular Privacy Box is accessed, a blue menu bar is added to the green one. This task menu provides the appropriate tools, depending on the current view form (files, chat, poll feature, etc.).

5.) Just below the latter task menu, you find so-called breadcrumbs, i.e. paths showing the folders and subfolders you are currently in within a Privacy Box.

Each tile (or each list entry, if you have chosen that view) shows further features the instant your finger or mouse touches it. In the above illustrated example, the right-hand tile is marked with the mouse cursor, which reveals buttons to further features within that Box.

3.4 Simultaneous Work with Multiple Privacy Boxes

If you open multiple Privacy Boxes, whether via the Privacy Box Overview or the Site Navigator, they appear next to each other in the navigation bar, where you can go back and forth between the work areas. When you go back to a Privacy Box, you can continue where you left off, without again having to use the Navigator.

3.5 Work per Timeline

The more you use idgard as a communication tool, and the more data is exchanged for teamwork and common projects, the more you will appreciate the Timeline feature. Across the top of all Privacy Boxes and, consequently, across all dialogue groups, you will see all unread files, messages, chats, etc. This allows you to jump to the respective Privacy Box quickly, access the file and/or message, and react accordingly. Once you have completed a task, you can jump to the Timeline via Site Navigator and dedicate yourself to the next unread file and/or message.

If you are sure that you wish to mark certain objects as read, without accessing them, then you can do so either individually or an entire Privacy Box at once, in the column on the far right.

3.6 Languages & Other Settings

idgard automatically applies the language settings of your browser. If your browser was set to German, idgard automatically appears in German. If you wish to switch to another language, simply go to the Site Navigator and select the language of your choice under the menu item "Settings".

Definitions / Glossary

Access limit: The number indicating how often a Box Link may be used.

Account: The sum of all licenses and access your business is granted, including those of your guests.

Administrator: An idgard account manager is called Administrator or, more simply, Admin.

Anti-forwarding: Protects PDF files in Data Rooms from being forwarded by its users. This is ensured, on the one hand, with a watermark that appears across the entire PDF file. On the other hand, files appear in view-only mode, so they cannot be downloaded.

App: Abbreviation for application. Stands for software applied on small, portable devices.

Capability URL: An Internet link that implies certain rights and options. Said options can be limited, also in their period of validity. A Capability URL can often only be used once.

Captcha: A security inquiry or puzzle on your screen that can conventionally only be solved by humans. This excludes access through digital robots.

Chat: Brief text message, often used for informal communication.

Data Room: Short for Virtual Data Room. Represents an actual room in which dossiers, records, and documents that should only be accessible to authorized parties are filed securely. The files and documents in the Data Room are for reading only, and who has accessed which data is recorded per protocol. This virtual room also involves a journal and watermarks files, to hinder copying of files. Data Rooms can require prior consent to special usage terms.

Full License: License for a staff member whose organization has booked idgard.

Guest License: When communicating beyond company borders, one cannot always expect external dialogue partners to use the same privacy service as oneself. Therefore, idgard also offers, besides Full Licenses (for staff members of the same business), Guest Licenses, with which external users are granted access to download files or can upload their own.

idgard: A service based on Sealed Cloud technology, with which to exchange files and work in teams (a coinage of "ID" and "guard"). idgard ensures that the number of parties able to access a file is equal to the number of people for which it is intended. Sealed Cloud technology excludes all undesired access of unauthorized parties.

LDAP integration: Lightweight Directory Access Protocol (LDAP) is a protocol for accessing directory services, such as Microsoft Active Directory, which organizations use to regulate data access. Linkage of idgard to these digital business directories allows idgard access without having to enter a user name and password. If a user has logged on to a business network, he/she can access idgard with only one click.

Passcode: To prevent unauthorized parties from accessing data when a user logs on to idgard using his/her user name and password or an access link or Box Link, the user may be forced to use a further code that is sent to him/her by separate means, i.e. a Passcode.

Privacy Box: idgard storage space and workspace are called Privacy Boxes. The members list of a Privacy Box defines who is granted access. Its members are the only ones who can write, i.e. upload, or download files in the respective area. Each Privacy Box constitutes a private circle of dialogue partners. idgard can create as many Privacy Boxes as groups that communicate.

Read-only access: Users who do not have idgard may be granted access nonetheless. A Box Link is created, with which the user can access a Privacy Box (via capability link technology). The user simply clicks the link and then accesses the Box and its respective content (per read-only mode).

Sealing: In information technology, security is often confused with mere encryption. However, the reliability of encryption technology often depends on who has access to the access keys. What's more, systems whose data is processed in unencrypted form are often protected against external attacks yet not internally (e.g. against parties in charge of the operating system). In contrast, sealing implies a hermetic technology, which, as opposed to mere organizational measures, technically excludes even service provider staff from accessing any data. In other words, mere organizational measures, in which access is limited to a strict number of authorized parties, are insufficient and cannot be deemed secure. Sealing, on the other hand, relies on purely technical measures, which completely eliminate any unauthorized access to data at all times. (See "Sealed Cloud" below).

Sealed Cloud: A technology that secures cloud infrastructures against business-internal and external attacks. In conventional cloud infrastructures, provider staff and administrators can access all data that is processed on an OS level, a hardware level, or a software level. With its key distribution and data clean-up system, Sealed Cloud technically excludes that both external parties AND internal data center or service provider staff can access any data.

Synchronization: Since areas with poor reception, which prevent you from being able to access idgard, are sometimes inevitable, but you nevertheless might need to access your data, the system offers automatic synchronization. This ensures that data stored elsewhere via idgard is automatically filed on your device, as well. For this feature, simply install the idgard Productivity Tool.

URL: Uniform Resource Locator, a web link to a particular internet server and directory.

WebDAV: Web Distributed Authoring and Versioning (WebDAV), a standard that allows idgard data structures (e.g. file overviews) to be viewed as a directory.
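The glossary entries for Access limit, Capability URL, Passcode and Read-only access together describe a Box Link: an unguessable link with a usage limit, an optional validity period and an optional extra code. The Python code below is an added example, not idgard code, showing how a server can enforce those limits when a link is redeemed. The names `BoxLinkStore`, `create` and `redeem`, the in-memory storage and the use of SHA-256 are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time


class BoxLinkStore:
    """Hypothetical server-side store for capability links (illustration only)."""

    def __init__(self):
        self._links = {}  # sha256(token) -> link record; the raw token is never stored

    @staticmethod
    def _digest(value):
        return hashlib.sha256(value.encode()).hexdigest()

    def create(self, box_id, access_limit, ttl_seconds, box_code=None, now=None):
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # 256 random bits make the link unguessable
        self._links[self._digest(token)] = {
            "box_id": box_id,
            "remaining": access_limit,       # the "access limit" of the glossary
            "expires": now + ttl_seconds,    # limited period of validity
            # A short code should use a slow KDF in practice; SHA-256 keeps this brief.
            "code_digest": self._digest(box_code) if box_code else None,
        }
        return token  # handed out once, embedded in the link

    def redeem(self, token, box_code=None, now=None):
        now = time.time() if now is None else now
        rec = self._links.get(self._digest(token))
        if rec is None:
            return None, "unknown link"
        if now >= rec["expires"]:
            return None, "expired"
        if rec["remaining"] <= 0:
            return None, "access limit reached"
        if rec["code_digest"] is not None:
            supplied = self._digest(box_code or "")
            # Constant-time comparison; failed attempts should also be rate-limited.
            if not hmac.compare_digest(supplied, rec["code_digest"]):
                return None, "box code required"
        rec["remaining"] -= 1  # count only successful uses against the limit
        return {"box_id": rec["box_id"], "rights": ("read",)}, "ok"
```

The grant carries only the read right, matching the read-only mode the glossary describes for link access.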