Access Reviews in User Portal

Access Reviews (AR) are periodic checks to ensure that only authorized users can access Workspaces within myDRE. They allow Accountable and Privileged members to review and confirm user permissions. Access Reviews unburden the Workspace Accountable and the organisations in their requirement to stay compliant with rules and regulations around Access management. 

The AR is triggered automatically based on a pre-set schedule, which can be one-time, weekly, monthly, quarterly, bi-annual, or annual. However, local Research Support (RS) members can also start an AR on an ad-hoc basis. Once an AR is activated, Accountable and Privileged members will receive email notifications with links to the relevant workspace(s). Inside the workspace's Members Tab, they can review member access by selecting options like Approve, Restrict, or Delete, and can confirm or approve access for all users at once to finalize the review.

How it works

After the Access Review is initiated, the Accountable and Privileged members of the workspace will receive an email notification to review the member list. If members are not reviewed within the time frame provided (Enforcement) in the email, their access will be restricted to only the Members tab and the Details page in the workspace.

If the Workspace Accountable does not complete the access review before the specified due date (Enforcement), the system will automatically place all members who have not been reviewed into a Restricted state. To avoid this automatic enforcement, ensure that all access reviews are finalized promptly within the given timeline.

If you have been Restricted, please contact the  Accountable or the Privileged members that can be found in the Members or Details page of the workspace.

Let’s see how this works in practice:

1. Access the workspace you are a member of and go to the Members tab > Access Reviews. The image below shows "No active access review found for workspace ". This is normal if the AR has not been initiated.
   

1. When an AR is initiated, the notification email will include the workspace name. Open the workspace mentioned in the email, and under the Members tab, you will see the following:
1. Members under review will have a question mark displayed next to their name during the review process. They are also listed on the Access Reviews tab until their role is confirmed.
2. No question mark for the Accountable, meaning that the Accountable is not under review.

If a user is added to the workspace after the Access Review has been initiated, they will not be included in the Access Review.

Access Review performed by Workspace Accountable or the Privileged member

1. In the Access Review, only the Accountable or the Privileged members can manage access for others. They can approve, restrict, or remove access, and there is an option to approve access for all members at once to complete the review. 
   

1. To restrict a member, read and confirm the restriction in the pop-up window.
   

1. Restricted members have limited access. They can only view the Workspace and information about other members. 

If you have been Restricted, please contact the  Accountable or the Privileged members that can be found in the Members or Details page of the workspace.

• Related Articles

• Using the Azure Portal

  DRE is suitable for any type of user. However, perhaps you already have lots of IT experience and you know your way around Azure. That's when it might be interesting to know that you can also access your workspace resources through the Azure Portal. ...

• Activity Feed User Portal

  Understanding the Activity Feed in myDRE User Portal First version: 2024-05-21 The Activity Feed is a powerful tool that provides real-time insights into various actions and changes within the Workspace. Mindful Usage to Manage Costs It is important ...

• External access in your workspace

  Introduction By default myDRE workspaces do not have connection to the internet. This ensures that data within the workspace is secure and auditable - we know what comes in, and what goes out. However, sometimes you do need a connection to a web ...

• launch new end-user portal

  Dear myDRE users, We have some exciting news to share with you! We have launched a brand new and improved user interface that will make your myDRE experience even better. The new platform is more streamlined and user-friendly, and we can't wait for ...

• New end-user portal deployment March 24th, 2023

  Dear myDRE platform users, We're thrilled to announce that a brand new and improved user interface will be rolling out from March 24th, 2023 (15:00 UTC+1) to March 26th, 2023 (23:59 UTC+1). This upgrade will take your myDRE experience to the next ...