Tenancy Management

Tenancies in Dekko

Tenancies are a centralised location for an organisation’s administrator(s) to perform activities that relate to user management, policy enforcement, usage reports and audit logging. Tenancies govern Hubs that are assigned to them, and an organisation can have one or many tenancies depending on their plan with Dekko.

Dekko client support can help organisations manage their tenancies or they can be completely independent.

Tenancy policies

DekkoSecure typically engages clients in a consultative process to determine the best policies settings for their use case(s). For clients with policy requirements that vary depending on their use cases, multiple tenancies can be set up.

Default policy configuration:

Minimum password length	8 characters
Session timeout	120 minutes
File retention	365 days
Enforce 2FA	ON
Trusted Tenant	OFF
Enforce Attributes	OFF
External File Verification	OFF
Enhanced Zero Knowledge	OFF

Note: default Tenancy policies should not be considered recommendations. Governance requirements vary per-client and should be considered carefully based on the descriptions and content provided by DekkoSecure.

You can learn more about policy from their descriptions below.

Example policy configuration:

Tenancy activities

Use the table below to check which administrative activities are available using the tenancy manager:

Users	Hubs	Traffic
Audit logs	Policies	Integrations

Users

Activity	Step(s)
Count users in a tenancy	Reference the "results" count at the bottom of the page.
Count users in a Hub	Enter the Hub name in the search bar, then reference the "results" count at the bottom of the page.
Check which Hubs a user belongs to	Enter the user's name or email in the search bar, then reference the Hubs displayed in the "Hubs" column.
Check the last time a user logged in	Enter the user's name or email in the search bar, then reference the date displayed in the "Last login" column. Note: login activity for SSO users can be found using your SSO administration tool(s).
Reset 2FA for a user	Enter the user's name or email in the search bar, then press [•••] and select "Reset 2FA". A new 2FA code will be presented to the user the next time they log in.
Check a users tenancy admin status	Enter the user's name or email in the search bar, then check for the ★ symbol in the "Status" column. Alternate: use the "Tenant admin" dropdown at the top of the page. Note: to add a new tenant admin please contact Dekko support.
Check which users have 2FA enabled/disabled	Set a preference in the "2FA" dropdown at the top of the page.
Remove a user from all tenancy Hubs	Enter the user's name or email in the search bar, then press [•••] and select "Delete user". The user will still be able to log in to Dekko, but will no longer have access to any in-tenancy Hubs or files. Contact Dekko support for absolute account deletion.
Reset a user's password	Enter the user's name or email in the search bar, then press [•••] and select "Reset password". Note: password reset is not available for SSO users.
Check which users authenticate using SSO	Set a preference in the "Azure AD" dropdown at the top of the page.

take me back to the activities index

Hubs

Activity	Step(s)
Check storage used by a Hub	Check the amount listed in the "Storage used" column. Tip: use the search bar to narrow down your results Tip: press the "Storage chart" button at the top of the page to see a visual representation of storage user per-Hub.
Count Hubs in a tenancy	Reference the "results" count at the bottom of the page. Tip: use the search bear to narrow down your results.
Check Hub admins	Enter the Hub's name in to the search bar and reference the user(s) listed in the "Admins" column.
Disable file sharing, mail or chat	Press the "Edit feature policies" button at the top of the page.
Check feature availability	Reference the "Files and eSignatures", "Mail" and "Chat" columns.
Change a Hub branding or user roles/visibility	Enter the Hub's name in to the search bar and then press the ✱ button to access Hub-specific settings. Note: you must be a member of the Hub and set as an admin to use this feature.
Delete a Hub	Enter the Hub's name in to the search bar and then press the delete button. Warning: Hub deletion is permanent. All files contained within the Hub will be removed and cannot be recovered.

take me back to the activities index

Traffic

Activity	Step(s)
See upload/download traffic for a specified period	Set a start and end date at the top of the page, then reference the displayed data.
See a Hub's upload/download traffic for a specified period	Set a start and end date at the top of the page, set the Hub in the Hub dropdown, then reference the displayed data.
See a User's upload/download traffic for a specified period	Set a start and end date at the top of the page, set the User in the User dropdown, then reference the displayed data (all users is default).
See cummulative data for a specified period	Set a start and end date at the top of the page, then select the "Show cummulative" button.
See traffic data in a table format	Set a start and end date at the top of the page, then select the "Show table view" button.
Adjust traffic display granularity (daily/monthly/yearly)	Set a start and end date at the top of the page, then select a preference in the granularity dropdown (daily is default).
Export traffic data	Set a start and end date at the top of the page, then press the "Download as CSV" button.

take me back to the activities index

Audit logs

Activity	Step(s)
Search for a user, event or entry	Set a start and end date at the top of the page, then use the search bar to narrow results.
View Hub-specific audit logs	Set a start and end date at the top of the page, set the Hub in the Hub dropdown (all Hubs is default), then reference the displayed data.
Export audit logs	Set a start and end date at the top of the page, then press the "Download as CSV" button.

take me back to the activities index

Policies

Activities	Step(s) / Notes
Set minimum password length	Enter the specific character count, then press the "Update policies" button. Note: password length requirements are not applied to SSO users.
Set session timeout	Enter the required session duration in minutes, then press the "Update policies" button. Note: session timeout is not applied to SSO users.
Set file retention	Enter the required retention duration in days, then press the "Update policies" button. Note: file retention is applied to versioned files (not current files).
Enforce 2FA	Note: 2FA enforcement is not applied to SSO users.
Reset user passwords	Note: the trusted user function is not applied to SSO users. A user must log at least once after the policy is applied to be able to reset their password.
Enhanced zero knowledge	Note: this setting controls whether users in Hubs associated with the selected tenancy are able to share files and send messages with unregistered users. Policy OFF: users can share files with/send messages to unregistered users. The file/message key is stored securely by Dekko until the recipient registers. Policy ON: users cannot share files with/send messages to unregistered users. Users must invite recipients and wait for them to register. Following registration, files/messages can be sent. File/message keys are never stored by Dekko.

take me back to the activities index

Integrations

Activity	Step(s)
Automatically export audit logs to SIEM (Splunk)	Prepare you Splunk environment, then enter your SIEM credentials in to the page. Press "Save" to apply.

take me back to the activities index

Viewing/editing Office and PDF documents in Dekko

Office/PDF document viewing and editing in Dekko is enabled by utilising a facility in the Dekko PROTECTED Cloud which renders the file and presents it to users within the web application.

During this rendering process temporary access to the document is granted to the processing appliance, which is deleted immediately after rendering is complete.

Disabling access to this feature is provided in order to maintain Dekko’s zero-knowledge capability should this be required for use of the service.