Quickstart
Content
Product presentation
Enterprise Vault is a solution whose main purpose is to store users’ logins and passwords.
It provides security and a good user experience when it comes to storing and sharing credentials.
It is a cloud-based business tool, which means that the data is stored encrypted on a database accessible from anywhere and under the control of administrators.
User and permission management are based on WALLIX Trustelem.
So, to use the vault, there are 2 steps:
- Authenticate with Trustelem to access the application.
- Provide a master password to encrypt/decrypt the credentials.
This master password is known only to the users, but there is a recovery mechanism to handle its loss or the departure of employees.
There are 2 populations which interact with the product.
The users
- Authenticate using Trustelem to access Enterprise Vault (single or multi-factor)
- Provide a master password to encrypt/decrypt the credentials
- Store items, mainly credentials
- Share items, mainly credentials
- Send encrypted information
- Get the security status of the passwords in use
The administrators
- Authenticate with Trustelem to access the administration page
- Manage users, and their access using Trustelem
- Manage Enterprise Vault with the organization parameters
- Manage user master password recovery
- Audit the vault
Administration
When the subscription is created, the administrators have to perform the initial Vault setup.
After that, the work mainly concerns user lifecycle management: creating or deleting users, unlocking those who need help, and checking the product status and logs.
Trustelem management
Initial setup
The first step when a customer acquires Enterprise Vault is to configure Trustelem. The goal is to define which users will have access to Enterprise Vault and how. These actions are performed by Trustelem administrators.
There are therefore 4 main steps in the setup.
- Add users, created locally or synchronized from directories
- Add Enterprise Vault apps - this step is done automatically during the onboarding
- Define access rules - 2 default access rules are automatically created during the onboarding, for groups "Entreprise Vault" and "Entreprise Vault Admin".
- Optionally, define the usable 2nd factors, as well as the enrollment methods
Note: The Trustelem administration page should always be secured using multi-factor authentication. To do so, enroll a 2nd factor for the admin accounts, then enable multi-factor using the option "Authentication level for Trustelem admin console" under Security settings > General.
Subscription management
When the initial setup is done, the Trustelem administration page is still useful for:
- Managing changes in the setup (new users, new 2nd factors, new enrolment process...)
- Managing lost user passwords
- Managing advanced features (silent authentication, self-service password reset, SIEM integration, API automations...)
- Auditing the authentication
More information about Trustelem is available here: https://trustelem-doc.wallix.com/books/trustelem-administration
Enterprise Vault setup
Enterprise Vault administration page access rule
To access the Enterprise Vault administration page, a Trustelem user must have access to the Enterprise Vault administration application.
By default, the subscription administrator is in the group "Entreprise Vault Admin", which has access to this app.
To add new Enterprise Vault administrators, the users must be assigned to this group.
Enterprise Vault administration page
As said in the previous point, Enterprise Vault administration is done through an application. So, to access this app, the administrators must use their Trustelem dashboard: https://your_domain.trustelem.com.
Manage users
As a reminder, user creation is done through the Trustelem admin page and not with the Enterprise Vault admin app.
On the Enterprise Vault admin app you can manage:
- The deletion of Enterprise Vault users in the Enterprise Vault database.
  - It will not remove the user in Trustelem
  - It will delete all the associated items
- The obligation for users to change their master password at the next connection
- The change of user encryption keys
More information is available here: provide the LINK
Manage organization policies
On the Enterprise Vault admin app you can manage the settings applying to the entire company.
You can define rules for the logs, the security, the recovery...
More information is available here: provide the LINK
Audit the vault
On the Enterprise Vault admin app you can audit user's items, and share vault's items.
More information is available here: provide the LINK
End users
The user journey begins when their account is created on Trustelem.
- If they are created locally, they will receive an enrolment link to define their password
- If they are synchronized from a directory, the administrators will communicate about the account creation
Then users can access the Enterprise Vault application using the URL: https://vault-your_domain.trustelem.com
First they need to authenticate using Trustelem credentials (Trustelem password or directory password).
Then they can define or provide their master password, depending on whether it already exists or not. This password will be used for the data encryption.
Later, they can choose to use a browser plugin or a mobile app, in addition to the website.
Vault Home Screen
→ Explain what is in this page (Vaults, Send, Tools, Reports, Shared vaults) and provide the link to the documentation
Create Item
→ Explain what an Item is: Identifier, CB (bank card), Identity or Note, with the different important fields in these items, and provide the link to the documentation
Create Folder
→ Explain what it is (focus on what is the interest of folders) and provide the link to the documentation
Search an Item
→ Explain what is searchable / how to do it and provide the link to the documentation
Use a Shared Vault
→ Explain what it is (Items shared with other people inside the Vault) and provide the link to the documentation
→ Explain how the creation/sharing/rights work
→ Explain also what a collection is (folders at an organization level in a shared vault) and provide the link to the documentation
Other features
→ Explain the basics of send/pwd generation/report and provide the link to the documentation
Reset Master Password
→ Explain how to do it and provide the link to the documentation
Change the settings
→ Explain what the important settings are and provide the link to the documentation
Install Browser Extension
→ Explain what the possibilities are and provide the link to the documentation
Install Mobile Application
→ Explain what the possibilities are and provide the link to the documentation