FRR-RSC-01 - Top-level administrative accounts guidance
Providers must create and maintain guidance that includes instructions on how to securely access, configure, operate, and decommission top-level administrative accounts that control enterprise access to the entire cloud service offering.
The guidance should explain how top-level administrative accounts are named and referred to in the cloud service offering.
CSP supported
Yes
CSP secure configuration guidance
- Administrators can get started quickly by setting up the organization hierarchy, adding users, and checking data quality after data is added to the platform.
- When IBM Envizi ESG Suite is first provisioned for a client organization, it contains a single group and a location called Unallocated accounts, which is provisioned to capture data from automated uploads where no matching account is found.
- Decommissioning: Administrators must maintain the accuracy of access lists by removing or updating outdated contacts and users when roles change.
Prerequisites for administering the platform at provisioning
- Single sign-on is implemented by integration with client IdP.
- Password policy is managed and owned by client organization admin.
Related information
- For more information about setting up users, see Setting up users.
- For more information about setting up single sign-on, see Setting up single sign-on.