How to Manage Users and Permissions in a CDP Environment

How are user roles and permissions configured in Sitefinity Insight?

Users must first be invited to your account or a specific datacenter. Once added, their permissions can be managed accordingly.

Can multiple administrators manage the same account simultaneously?

Yes, multiple administrators can manage the same Sitefinity Insight account at the same time. The platform supports concurrent user access for collaborative administration.

How does the platform track user access and activity?

Sitefinity Insight tracks changes made by users within their datacenters. These audit logs are maintained internally but are not currently available for public viewing.

What security measures are in place for user account management?

Sitefinity Insight employs multiple security features, including multi-factor authentication (MFA), role-based access control (RBAC), and adherence to compliance standards such as SOC2 and HIPAA to protect user accounts and maintain data privacy.

Can audit logs be exported for compliance purposes?

No, audit logs cannot currently be exported.

What options are available for managing personally identifiable information (PII)?

PII access is managed at the account level. If a user’s account is restricted from viewing PII, any data containing PII will appear obfuscated in reports.

How does the system support role-based access control (RBAC)?

Administrators can define user roles and assign permissions based on responsibilities. This role-based access ensures each user has only the necessary access to perform their tasks securely.

Can user accounts be synced with enterprise identity providers (e.g., SSO)?

Yes, Sitefinity Insight supports integration with enterprise identity providers using single sign-on (SSO), streamlining authentication and improving user management and security.

How are user sessions managed to prevent unauthorized access?

User sessions are managed with session timeouts, multi-factor authentication and administrative controls that allow manual user logouts if needed, helping to safeguard against unauthorized access

Multifactor Authentication (MFA)

How does Sitefinity Insight support multifactor authentication (MFA) for user accounts?

Sitefinity Insight supports MFA for user accounts by integrating with Microsoft Entra ID. This adds an extra layer of security, requiring users to verify their identity through more than one method.

What MFA methods are available (e.g., SMS, email, authenticator apps)?

Supported MFA methods include the Microsoft Authenticator App and third-party authenticator applications. Users can select from these options during registration. SMS and phone call methods are not supported.

Is there a recovery process for users who lose access to their MFA device?

Yes. Users can manage MFA devices via Microsoft’s self-service portal under Sitefinity Insight » Security info, provided they still have access to their current device. If the device is lost, contacting support is required.

Are logs available to track successful and failed MFA attempts?

Logs for MFA attempts are kept internally, but they are not accessible to Sitefinity Insight clients.