Enterprise Sharing and Governance
Table Of Contents
This guide provides instructions on how to use VoltShare’s enterprise features for compliance and governance. There are four main aspects that will be covered here:
- Creating a new teams account and add users (with SSO option)
- Setting up policy overrides to restrict what your enterprise users can do with the tool
- Setting up alerts for abnormal activity to Slack
- Visibility through audit logs
Create a Teams Account
Step 1: Download the VoltShare application from the VoltShare Downloads page.
Step 2: Install the application as per the following guidelines:
- macOS - Drag the downloaded application to the Applications folder
- Windows - Run the downloaded installer
- For Linux, the application is pre-compiled (for Ubuntu) and ready to use
The following sample image shows installation on the macOS:
Step 3: Once you install the app, you will be prompted to sign-in and/or sign-up. Press the option of sign-up under Teams and it will launch your web browser for the sign-up process.
To create a new team’s account with Volterra, you may get prompted to provide an invitation code. To request an invitation code please go to https://www.volterra.io/company/contact-us and fill-up the form or alternatively send us an email at firstname.lastname@example.org to request an invitation code.
Step 4: Choose a tenant name as part of the tenant creation. This example shows a new tenant named
acmecorp. Continue with the rest of the sign-up process to complete the process.
Step 5: Once you are signed up as an admin of the tenant, login to Volterra SaaS portal. Navigate the dashboard and select
IAM on the left configuration menu and
Users in the options. Click
Add user. This example shows adding two users with default role:
- User: Ankur Singla with email address: email@example.com
- User: Marco Rodrigues with email address: firstname.lastname@example.org
Note: Instead of configuring users manually, you can also configure SSO by following the integration guides for Azure Active Directory and G-suite in Integrations.
Step 6: Your team members receive email with instructions to set up their passwords. Notify your users to download VoltShare application and sign-in with their credentials.
Step 1: The admin user can configure governance policies to control the VoltShare app user actions. On the Volterra portal, select
VoltShare on the left navigation bar in the dashboard and select
Admin policies in options. Click
Add VoltShare admin policy. This examples sets the following controls:
- Decryption duration restricted to less than 30 days (2592000s)
- Sharing any encrypted data outside the organization
Alerts to Slack
Step 1: The admin user can configure alerts for any abnormal activity to be redirected to their Slack channel. On the Volterra portal, select
Manage on the left navigation menu and select
Alert Config ->
Alert Policy Sets in the options. Click
Add alert policy set, enter a name for the policy set, and apply a policy object using the
Select policy object option.
Add new Alert Policies and add a policy.
Step 2: Enter a name for the alert policy and create a receiver object as shown in the following example:
Step 3: Create a new receiver and provide the webhook URL corresponding to the
#alert-testing channel. Encode the URL as Base64 string and add as shown in the following example image:
Note: You will need to configure the Slack API to enable Webhooks. To do this, follow the instructions in the Slack guide for webhooks.
Once you enable Webhooks, you will receive a Webhooks URL that you can encode.
Step 4: After setting up the Slack channel as the receiver, you can set up the policy rule to match on a group. Select
Voltshare as the group and set the action to
Send to send it to the channel.
This completes setting up the VoltShare alerts with Slack. If any encryption or decryption attempts cross a certain threshold, the alert is posted in the configured slack channel.
Sharing and Storing
VoltShare app can be used by all your enterprise users with the constraints defined in your governance policy. The application prevents users from violating the policy for both encryption and decryption of data. Even though the application is very simple to use, the one nuance is that during definition of the “Encrypt Policy” in the VoltShare app, you have to add the right tenant name as part of providing the identity of the user(s) as shown below. You can also read the how-to guide to securely store and share.
Audit logs are useful for compliance purposes, post-mortem, and general day-to-day visibility. If an alert is triggered, the IT administrator can log into the tool and debug the problem.
Step 1: Configuring VoltShare alerts for Slack posts the alerts in your Slack channel for violations of the defined governance policies. This example shows the alert triggered at 5:22pm in Slack channel as per the alert configuration in the Alerts to Slack chapter.
Step 2: Upon receiving the alert, login to the Volterra portal and navigate to
Requests. Select the time frame to match the alert time and investigate the activity as shown in the following example: