People Management
Overview
The People section is your central employee directory for security management. Import employees from identity providers, organize them into groups, and track security-related tasks.
Tabs Overview
| Tab | Purpose |
|---|---|
| Users | Employee directory and management |
| Groups | Compliance groups for training and campaigns |
| Tasks | Access management and onboarding tasks |
Users
Employee Directory
View all employees with:
- Name and email
- Department and title
- Group memberships
- Training status
- Last activity
Importing Employees
From Identity Provider
- Navigate to Employees → People
- Click Import Users
- Select your identity integration:
- Azure Active Directory
- Google Workspace
- Configure import settings:
- Include/exclude groups
- Sync frequency
- Attribute mapping
- Confirm import
Manual Import
For employees not in your identity provider:
- Click Add User
- Enter employee details:
- Name
- Department
- Title
- Save
CSV Import
For bulk manual import:
- Click Import → CSV
- Download template
- Fill in employee data
- Upload completed CSV
- Review and confirm
Employee Details
Click on an employee to view:
- Profile - Contact information
- Groups - Group memberships
- Training - Assigned and completed training
- Phishing - Phishing campaign results
- Tasks - Assigned security tasks
Employee Actions
| Action | Description |
|---|---|
| Edit | Update employee information |
| Disable | Deactivate without deleting |
| Delete | Remove from system |
| Assign Training | Add training courses |
| Add to Group | Add to compliance groups |
Compliance Groups
Why Groups?
Groups help you:
- Target training to specific departments
- Scope phishing campaigns appropriately
- Manage access reviews by team
- Apply policies to subsets of employees
Creating Groups
- Navigate to People → Groups
- Click Create Group
- Configure:
- Group name
- Description
- Member criteria
- Save
Group Types
| Type | Description | Example |
|---|---|---|
| Manual | Manually assigned members | Executive team |
| Rule-Based | Auto-populated by criteria | Engineering department |
| Synced | Mirrors identity provider group | AD Security Group |
Rule-Based Groups
Automatically populate groups based on:
- Department equals "Engineering"
- Title contains "Manager"
- Location is "Remote"
- Hire date within 90 days
Managing Group Members
Add Members:
- Open group
- Click Add Members
- Search and select employees
- Confirm
Remove Members:
- Open group
- Select member(s)
- Click Remove from Group
Tasks
Task Types
| Task Type | Source | Action |
|---|---|---|
| Access Provision | Onboarding | Grant system access |
| Access Revocation | Offboarding | Remove system access |
| Access Review | Compliance | Verify access appropriateness |
| Training Assignment | Training module | Complete security training |
Task Workflow
Task Created
Task is created automatically or manually.
Assignment
Task assigned to appropriate owner.
Action
Owner completes required action.
Verification
Action verified and task closed.
Managing Tasks
View Tasks:
- Filter by status, type, assignee
- Sort by due date or priority
- Export task list
Complete Tasks:
- Open task
- Perform required action
- Add completion notes
- Mark complete
Sync Settings
Automatic Sync
Configure identity provider sync:
| Setting | Options |
|---|---|
| Frequency | Hourly, Daily, Weekly |
| Scope | All users, specific groups |
| Actions | Create, update, disable |
| Notifications | Sync status alerts |
Sync History
View past syncs:
- Sync timestamp
- Users added/updated/removed
- Errors encountered
- Sync duration
Conflict Resolution
When sync conflicts occur:
- Identity Provider Wins - IdP data overwrites
- Bastion Wins - Keep Bastion data
- Manual Review - Flag for review
Offboarding
Automated Offboarding
When employees leave:
- Identity provider sync detects removal
- Employee marked for offboarding
- Access revocation tasks created
- Training assignments cleared
- Account disabled
Offboarding Checklist
- Revoke system access
- Remove from groups
- Clear pending tasks
- Archive employee data
- Document offboarding date
Best Practices
Keep Directory Updated
Regular sync ensures accurate employee data. Stale data leads to security gaps.
Use Meaningful Groups
Create groups that align with how you manage security. Department-based is common.
Close Tasks Promptly
Unactioned access tasks are security risks. Set SLAs and monitor completion.
Audit Regularly
Review group memberships and access periodically to catch errors.