A Data Guardian is an email address to which transcripts of administrator access and privileged user searches are sent. In general, a data guardian is specified as part of your ArcTitan account setup by TitanHQ or your service provider.

Go to the Basic Configuration > Data Guardians tab to manage data guardian settings. Data guardian settings are in the lower section of this page, as shown below.

When you have reviewed all settings, click Save to save your changes.

See the table below for information on each of the available settings.

Setting

Description

Transcript reference retain period:

This is the number of days the details of each email viewed by a privileged user, and summarised under a transcript reference, will be held in ArcTitan (default: 0).

Note

Transcript reference details will never be deleted.

If a value other than 0 is specified here, a data guardian is not able to review a privileged user search that was performed more than that number of days ago.

Data Guardians:

This is where you can specify the email address(es) to be data guardians. A data guardian is an email address to which transcripts of administrator and privileged user searches are sent. In general, a data guardian is specified as part of your ArcTitan account setup.

The following people are common data guardians in an organization:

  • HR Manager

  • Compliance Officer

  • IT Manager

  • CEO or other senior staff

See Adding, Editing and Deleting a Data Guardian.

Priv Transcripts:

If checked, this data guardian receives privileged user transcripts.

Admin Transcripts:

If checked, this data guardian receives administrator transcripts.

Enable user identity switching:

If checked this data guardian is allowed to switch identity.

Require Password Re-entry

If checked this user must re-enter a password to switch identity. If a password re-entry is needed, then the password of the original login (usually your LDAP Network password) may be entered OR the password of the account you are switching to.

Auto Logout:

Specify the time in minutes after which the user is be logged out of their session. This can be set individually for each user type. If you do not want an auto-logout, enter zero in this field.