Globale Einstellungen/en: Unterschied zwischen den Versionen
Weitere Optionen
Faha (Diskussion | Beiträge) Keine Bearbeitungszusammenfassung |
Übernehme Bearbeitung einer neuen Version der Quellseite |
||
(106 dazwischenliegende Versionen von 4 Benutzern werden nicht angezeigt) | |||
Zeile 2: | Zeile 2: | ||
Global settings can only be changed as administrator or expert!<span id="global_Options"></span> | Global settings can only be changed as administrator or expert!<span id="global_Options"></span> | ||
<span id="Allgemeine_Einstellungen"></span> | |||
== General settings == | == General settings == | ||
*Company name | |||
::Here the company name is entered that is to be used in e-mails to the supplier. If this field is not filled in, no messages can be sent to suppliers. Find more on suppliers [[Special:MyLanguage/Lieferanten|here]]. | |||
* Default language | * Default language | ||
:: Here you can select the language in which the application should be displayed by default.<br> Each user can however choose the language he wants to use by default via the flag symbol, top right. | :: Here you can select the language in which the application should be displayed by default.<br> Each user can however choose the language he wants to use by default via the flag symbol, top right. | ||
* | * Organizational form | ||
:: Here you can determine whether companies are more function-oriented (purchasing, production, sales, etc) or process-oriented. | :: Here you can determine whether companies are more function-oriented (purchasing, production, sales, etc) or process-oriented. | ||
* Enforce two-factor authentication when logging in with username and password | |||
:: Here you can define whether users need to activate and use 2FA when they don't use SSO or a passkey for their login. | |||
* Enforce two-factor authentication for suppliers | |||
:: Here you can define whether supplier users need to activate and use 2FA for their login to the portal. | |||
* Login with username and password disabled | |||
:: If activated, users cannot login with username and passwort, but only with another configured login option (e.g., login with Microsoft). The option is only available if at least one other login option is configured. | |||
<span id="Design_Einstellungen"></span> | |||
== Design settings == | |||
Through these settings, the appearance of HITGuard can be customized to your needs. All settings are only effective after clicking on "Save" at the bottom of the page. Some settings are only visible after the page has been reloaded. | |||
[[Datei:Globale Einstellungen Design.png|thumb|left|902px| Configure design]] | |||
<br clear=all> | |||
* <u>Base color</u>: Affects elements that are green by default (e.g. "save" button and load bar). | |||
* <u>Report color</u>: This can be used to change the color used for reports. | |||
* <u>Tab icon</u>: Determines the icon that is displayed in browser tabs. An .ico file must be used for the tab icon. Caution: In order to upload, the image must not exceed 16px in height and width. | |||
* <u>Report logo cover page</u>: This can be used to set an image that will be displayed left aligned, centered, or right aligned on the cover page of reports in its original size. The report logo for the cover page can be reset via the button to the right of the preview. Caution: In order to upload, this image must not exceed 690px in width and 264px in height. | |||
* <u>Report logo page header</u>: This can be used to set an image that will be displayed in the right corner of page headers of reports in its original size. The report logo for the page header can be reset via the button to the right of the preview. Caution: In order to upload, this image must not exceed 55px in width and 31px in height. | |||
* <u>Button colors</u>: The colors set here affect their respective buttons. | |||
The "Reset design" button can be used to reset the design settings back to the original ones. | |||
==Whistleblower system settings== | |||
If anonymous reporting via a whistleblower portal is activated in at least one management system with the case management add-on, a logo for the whistleblower system start page can be uploaded here. | |||
[[Datei:WHB_Logo.png|thumb|left|800px|Whistleblower logo]]<br clear=all> | |||
== <span id="ldap"></span>Lightweight Directory Access Protocol (LDAP) == | == <span id="ldap"></span>Lightweight Directory Access Protocol (LDAP) == | ||
[[Datei:LDAP LightweightDirectoryAccessProtocol.PNG|thumb|left|800px|LDAP]]<br clear=all> | |||
This setting activates the LDAP integration.<br> | This setting activates the LDAP integration.<br> | ||
*Automatic user creation | This allows users to log in using their Active Directory or Azure Active Directory credentials. | ||
*Automatic user creation: This option allows you to load user information from an Active Directory or Azure Active Directory at first login.<br>This saves you the work of recreating all users in HITGuard. Only user roles have to be assigned to the users. | |||
*Local login deactivated | *Local login deactivated: If LDAP integration is activated, the local logon can be deactivated. This means that users can only log on to the system using their LDAP logon data. If both logon modes (LDAP and Local) are activated, users can log on to the system with their LDAP as well as with their local logon credentials. For more information on this, see [[Special:MyLanguage/Login_Möglichkeiten|login options]]. | ||
If the LDAP integration is activated, you have to specify the domain and the root container of your Active Directory. | |||
== <span id="msentra"></span>Microsoft Entra ID== | |||
Alternatively to the LDAP, Microsoft Entra ID can be activated. In this case there is also the option of single sign-on for users. Local authentication can be deactivated just like with LDAP integration. | |||
[[Datei:MSEntra.png|thumb|left|800px|Microsoft Entra ID]]<br clear=all> | |||
===Synchronize user data=== | |||
If this option is enabled, the local user data are updated daily with those in the directory. Users deactivated in the in the directory are then also deactivated in HITGuard. The synchronization is done every day just after midnight. The profile pictures of users are not updated. | |||
===Automatic login=== | |||
If this option is enabled, users do not have to login with their credentials or the button. Instead, they are logged in directly. | |||
<span id="E-Mail_Einstellungen"></span> | |||
== <span id="Email settings"></span>E-mail settings == | |||
Here, the settings for the automatic mailing are made. The sender's address as well as the mailing via SMTP server or Microsoft 365 (Exchange Online via OAuth2) can be configured. To send via Microsoft 365, a service account must be configured for the Microsoft Entra ID app. | |||
If the | If you want to, change the settings for the mailing to a <b>company address</b>, or for test purposes ideally to the address of a resource mailbox, as you need to provide the password here. If you do not use an e-mail account of your own but the one provided by TogetherSecure, the sender address needs to end in @hitguard.at. | ||
<br>You can choose a separate e-mail address for each management system (see [[Special:MyLanguage/Managementsysteme#masy_email| Management system e-mail]]).<br> | |||
It is possible to configure whether new users should receive a welcome e-mail and whether they should receive an e-mail when they are assigned to a team. | |||
[[Datei:Email_Einstellungen.PNG|thumb|left|900px|E-mail settings with SMTP-Auth]]<br clear=all> | |||
[[Datei:Mail_MS365.png|thumb|left|900px|E-mail settings with Microsoft 365]]<br clear=all> | |||
More technical details for the mailing setup can be found in the HITGuard installation instructions. | |||
== <span id=" | <span id="Benutzerauswahlfeld"></span> | ||
== <span id="User selection field">User selection field == | |||
Here you can set which information will be shown when selecting a responsible person.<br> | Here, you can set which information will be shown when selecting a responsible person.<br> | ||
For example, it can be shown from which company and department a user is. | For example, it can be shown from which company and department a user is. | ||
[[Datei:Benutzerauswahlfeld.PNG||Benutzerauswahlfeld|thumb|left|800px]]<br clear=all> | [[Datei:Benutzerauswahlfeld 1.PNG|thumb|left|800px]]<br clear=all> | ||
[[Datei:Benutzerauswahlfeld.PNG||example user selection|thumb|left|800px]]<br clear=all> | |||
<span id="Optionale_Maßnahmeneigenschaften"></span> | |||
== <span id="glop_opme"></span> Optional properties of measures== | |||
This can be used to configure which options should be activated by default when creating management systems.<br>Under "Measures → Settings" it is possible to configure these options individually for each management system.<br>This has an effect on the creation of measures in the respective management systems. | |||
[[Datei:Optionale Maßnahmeneigenschaften 1.PNG|thumb|left|804px]]<br clear=all> | |||
*Impact and Effort: | *Impact and Effort: | ||
:: | :: The effort describes how much is needed in terms of resources (personnel, monetary, time-wise, etc.) to implement a measure. For this, [[Special:MyLanguage/Einstellungen#aufkla|effort classes]] can be defined under "Measures → Settings → Effort classes". | ||
:: The impact describes how | :: The impact describes how much of a difference the implementation of a measure makes when completed. For this, [[Special:MyLanguage/Einstellungen#auskla|impact classes]] can be defined under "Measures → Settings → Impact classes". | ||
*Automatic determination of deadline: | *Automatic determination of deadline: | ||
::If activated, | ::If activated, the deadline for the measure is automatically filled in once effort, impact, and start date have been entered. The basis of calculation is the matrix for the determination of deadline under "Measures → Settings". This should enable a neutral and as objective as possible determination of the implementation duration. | ||
:: "Impact and Effort" must be activated for this. | :: The option "Impact and Effort" must be activated for this as well. | ||
*Mentioned deadline: | *Mentioned deadline: | ||
:: | ::This option allows the entering of a mentioned deadline for measures. It can differ from the deadline and dates the day the responsible person is expected to have completed the measure implementation. | ||
::If activated | ::If activated, it is a mandatory field in the measure and is considered in progress reports as well. | ||
*Delayed: | *Delayed: | ||
:: | ::Measures can be marked as delayed with this. If the mentioned deadline is activated and then changed for an existing measure, HITGuard automatically suggests setting the "delayed" marker. | ||
*Risk reduction: | *Risk reduction: | ||
::If a measure | ::If a measure has been partially implemented and a reduction of the linked risk has been achieved, the marker "risk reduction" can be set for the measure. The marker is shown in Progress Reports and then automatically removed in the following analysis period. | ||
*KO criterion: | |||
::With this option, measures can be marked as critical. They are especially designated in Progress Reports. | |||
*Rescheduled: | |||
::This option allows for a re-planning of a measure. If the measure is marked with "Rescheduled" and the deadline of the measure is changed accordingly, the traffic light for the measure is set back to Green if traffic light control is analysis period-based or deadline-based. | |||
*Corrective & improvement measure | |||
::If activated, measures can be designated as serving correction and/or improvement. They can be filtered by this marker in the measure overview and it is shown in reports. | |||
*Info e-mail when allocating measures: | |||
::If this option is activated, a notification is sent to the responsible user in the following situations:</p><ul><li>creation of an open measure</li><li>change of responsibility in an open measure</li><li>setting a measure into the state "open"</li></ul> | |||
* | *Report progress actively: | ||
:: | :: This makes the button [[Special:MyLanguage/Maßnahmenstatus|"Report Progress"]] available under "My tasks → Measures" and on the page of the measure itself. This allows users to independently submit a progress report for their measures. (without a progress report having been requested). | ||
* | <span id="Risikomanagement-Einstellungen"></span> | ||
:: | == Risk management settings == | ||
This can be used to configure whether or not the "Private" identifier of threat layers should be set by default. | |||
More information on this can be found at [[Special:MyLanguage/Risikobewertung#create_rsik | "Risk Management → Risk Assessment → Risk"]]. | |||
[[Datei:Risikomanagement Einstellungen.png|thumb|left|900px]]<br clear=all> | |||
==Security settings for supplier risk management== | |||
*Password reset deadline | |||
::This setting defines the validity period of the password link. Password links are included in welcome mails for supplier users. Additionally, password links are sent to supplier users when they request a password reset. | |||
*Supplier deactivation deadline | |||
::This setting is used to preset the expiration date for suppliers. Presetting only occurs when a new supplier is created. The expiration date is calculated as follows: the current date at the time of creation + the number of months specified in the settings. | |||
::<i>Example:</i> If 6 months are defined in the settings and the supplier is created on 02/15, then the expiration date is preset as 08/15. | |||
*Deactivation mail to the supplier | |||
::This option defines whether suppliers are to receive a deactivation mail. If the respective supplier has administrators, this mail will only be sent to the administrators. Otherwise, all users of the supplier will receive this mail. | |||
*Deactivation mail | |||
::This setting allows you to specify how many days before a supplier expiration date is reached the notification mail should be sent. This applies to mails sent to supplier users as well as to the internal team. | |||
*Deactivation mail to internal team | |||
::This option determines whether the deactivation mail is to be sent to the internal team in addition to the supplier. | |||
*Internal team | |||
::The internal team can be set here. They are to be responsible for the supplier and possibly receive notifications. | |||
Find more on suppliers [[Special:MyLanguage/Lieferanten|here]]. | |||
<span id="Kürzel_Generierung"></span> | |||
== Code generation == | |||
Here you can set the default of whether an automatic code should be created for any new elemtents, and for which ones. The structure of the code can also be configured here. The setting is then taken over for all newly created management systems, but it can be changed and adapted directly in the management system itself. | |||
* The general prefix is used at the beginning of the code for all selected elements. | |||
* The first column allows you to select all elements that are to be generated with an automatic code. | |||
* Prefix: a string of letters, digits, or special characters that clearly labels the element (e.g., M for measure). The default entry can be changed. | |||
* OrgUnits abbr.: decides whether the element's code also includes the code of the organizational unit. Elements that aren't directly associated with any organizational unit do not have this option activated (e.g., risks or processes). | |||
* OrgUnit abbr. suffix: a delimiter between the OrgUnit code and the final digit string (e.g., _ or -). | |||
* Minimum precision: the minimum number of digits to be included in the resulting string. At least 1 and at most 10 can be entered. With a number of 4, the resulting strings would be, for example, 0001, 0026, or 0184. | |||
<br> | |||
[[Datei:Global_Kürzel.png|thumb|left|900px]]<br clear=all> | |||
< | <u>Note</u>: If a management system uses the centrally configured code generation instead of its own, configured under "Administration → Management systems", then the string counts between management systems. This means, if three measures are first created in management system A, then the first measure code in management system B ends with a "4". | ||
Aktuelle Version vom 12. August 2025, 08:05 Uhr
Global settings can only be changed as administrator or expert!
General settings
- Company name
- Here the company name is entered that is to be used in e-mails to the supplier. If this field is not filled in, no messages can be sent to suppliers. Find more on suppliers here.
- Default language
- Here you can select the language in which the application should be displayed by default.
Each user can however choose the language he wants to use by default via the flag symbol, top right.
- Here you can select the language in which the application should be displayed by default.
- Organizational form
- Here you can determine whether companies are more function-oriented (purchasing, production, sales, etc) or process-oriented.
- Enforce two-factor authentication when logging in with username and password
- Here you can define whether users need to activate and use 2FA when they don't use SSO or a passkey for their login.
- Enforce two-factor authentication for suppliers
- Here you can define whether supplier users need to activate and use 2FA for their login to the portal.
- Login with username and password disabled
- If activated, users cannot login with username and passwort, but only with another configured login option (e.g., login with Microsoft). The option is only available if at least one other login option is configured.
Design settings
Through these settings, the appearance of HITGuard can be customized to your needs. All settings are only effective after clicking on "Save" at the bottom of the page. Some settings are only visible after the page has been reloaded.

- Base color: Affects elements that are green by default (e.g. "save" button and load bar).
- Report color: This can be used to change the color used for reports.
- Tab icon: Determines the icon that is displayed in browser tabs. An .ico file must be used for the tab icon. Caution: In order to upload, the image must not exceed 16px in height and width.
- Report logo cover page: This can be used to set an image that will be displayed left aligned, centered, or right aligned on the cover page of reports in its original size. The report logo for the cover page can be reset via the button to the right of the preview. Caution: In order to upload, this image must not exceed 690px in width and 264px in height.
- Report logo page header: This can be used to set an image that will be displayed in the right corner of page headers of reports in its original size. The report logo for the page header can be reset via the button to the right of the preview. Caution: In order to upload, this image must not exceed 55px in width and 31px in height.
- Button colors: The colors set here affect their respective buttons.
The "Reset design" button can be used to reset the design settings back to the original ones.
Whistleblower system settings
If anonymous reporting via a whistleblower portal is activated in at least one management system with the case management add-on, a logo for the whistleblower system start page can be uploaded here.

Lightweight Directory Access Protocol (LDAP)
This setting activates the LDAP integration.
This allows users to log in using their Active Directory or Azure Active Directory credentials.
- Automatic user creation: This option allows you to load user information from an Active Directory or Azure Active Directory at first login.
This saves you the work of recreating all users in HITGuard. Only user roles have to be assigned to the users.
- Local login deactivated: If LDAP integration is activated, the local logon can be deactivated. This means that users can only log on to the system using their LDAP logon data. If both logon modes (LDAP and Local) are activated, users can log on to the system with their LDAP as well as with their local logon credentials. For more information on this, see login options.
If the LDAP integration is activated, you have to specify the domain and the root container of your Active Directory.
Microsoft Entra ID
Alternatively to the LDAP, Microsoft Entra ID can be activated. In this case there is also the option of single sign-on for users. Local authentication can be deactivated just like with LDAP integration.

Synchronize user data
If this option is enabled, the local user data are updated daily with those in the directory. Users deactivated in the in the directory are then also deactivated in HITGuard. The synchronization is done every day just after midnight. The profile pictures of users are not updated.
Automatic login
If this option is enabled, users do not have to login with their credentials or the button. Instead, they are logged in directly.
E-mail settings
Here, the settings for the automatic mailing are made. The sender's address as well as the mailing via SMTP server or Microsoft 365 (Exchange Online via OAuth2) can be configured. To send via Microsoft 365, a service account must be configured for the Microsoft Entra ID app.
If you want to, change the settings for the mailing to a company address, or for test purposes ideally to the address of a resource mailbox, as you need to provide the password here. If you do not use an e-mail account of your own but the one provided by TogetherSecure, the sender address needs to end in @hitguard.at.
You can choose a separate e-mail address for each management system (see Management system e-mail).
It is possible to configure whether new users should receive a welcome e-mail and whether they should receive an e-mail when they are assigned to a team.

More technical details for the mailing setup can be found in the HITGuard installation instructions.
User selection field
Here, you can set which information will be shown when selecting a responsible person.
For example, it can be shown from which company and department a user is.
Optional properties of measures
This can be used to configure which options should be activated by default when creating management systems.
Under "Measures → Settings" it is possible to configure these options individually for each management system.
This has an effect on the creation of measures in the respective management systems.
- Impact and Effort:
- The effort describes how much is needed in terms of resources (personnel, monetary, time-wise, etc.) to implement a measure. For this, effort classes can be defined under "Measures → Settings → Effort classes".
- The impact describes how much of a difference the implementation of a measure makes when completed. For this, impact classes can be defined under "Measures → Settings → Impact classes".
- Automatic determination of deadline:
- If activated, the deadline for the measure is automatically filled in once effort, impact, and start date have been entered. The basis of calculation is the matrix for the determination of deadline under "Measures → Settings". This should enable a neutral and as objective as possible determination of the implementation duration.
- The option "Impact and Effort" must be activated for this as well.
- Mentioned deadline:
- This option allows the entering of a mentioned deadline for measures. It can differ from the deadline and dates the day the responsible person is expected to have completed the measure implementation.
- If activated, it is a mandatory field in the measure and is considered in progress reports as well.
- Delayed:
- Measures can be marked as delayed with this. If the mentioned deadline is activated and then changed for an existing measure, HITGuard automatically suggests setting the "delayed" marker.
- Risk reduction:
- If a measure has been partially implemented and a reduction of the linked risk has been achieved, the marker "risk reduction" can be set for the measure. The marker is shown in Progress Reports and then automatically removed in the following analysis period.
- KO criterion:
- With this option, measures can be marked as critical. They are especially designated in Progress Reports.
- Rescheduled:
- This option allows for a re-planning of a measure. If the measure is marked with "Rescheduled" and the deadline of the measure is changed accordingly, the traffic light for the measure is set back to Green if traffic light control is analysis period-based or deadline-based.
- Corrective & improvement measure
- If activated, measures can be designated as serving correction and/or improvement. They can be filtered by this marker in the measure overview and it is shown in reports.
- Info e-mail when allocating measures:
- If this option is activated, a notification is sent to the responsible user in the following situations:
- creation of an open measure
- change of responsibility in an open measure
- setting a measure into the state "open"
- If this option is activated, a notification is sent to the responsible user in the following situations:
- Report progress actively:
- This makes the button "Report Progress" available under "My tasks → Measures" and on the page of the measure itself. This allows users to independently submit a progress report for their measures. (without a progress report having been requested).
Risk management settings
This can be used to configure whether or not the "Private" identifier of threat layers should be set by default.
More information on this can be found at "Risk Management → Risk Assessment → Risk".

Security settings for supplier risk management
- Password reset deadline
- This setting defines the validity period of the password link. Password links are included in welcome mails for supplier users. Additionally, password links are sent to supplier users when they request a password reset.
- Supplier deactivation deadline
- This setting is used to preset the expiration date for suppliers. Presetting only occurs when a new supplier is created. The expiration date is calculated as follows: the current date at the time of creation + the number of months specified in the settings.
- Example: If 6 months are defined in the settings and the supplier is created on 02/15, then the expiration date is preset as 08/15.
- Deactivation mail to the supplier
- This option defines whether suppliers are to receive a deactivation mail. If the respective supplier has administrators, this mail will only be sent to the administrators. Otherwise, all users of the supplier will receive this mail.
- Deactivation mail
- This setting allows you to specify how many days before a supplier expiration date is reached the notification mail should be sent. This applies to mails sent to supplier users as well as to the internal team.
- Deactivation mail to internal team
- This option determines whether the deactivation mail is to be sent to the internal team in addition to the supplier.
- Internal team
- The internal team can be set here. They are to be responsible for the supplier and possibly receive notifications.
Find more on suppliers here.
Code generation
Here you can set the default of whether an automatic code should be created for any new elemtents, and for which ones. The structure of the code can also be configured here. The setting is then taken over for all newly created management systems, but it can be changed and adapted directly in the management system itself.
- The general prefix is used at the beginning of the code for all selected elements.
- The first column allows you to select all elements that are to be generated with an automatic code.
- Prefix: a string of letters, digits, or special characters that clearly labels the element (e.g., M for measure). The default entry can be changed.
- OrgUnits abbr.: decides whether the element's code also includes the code of the organizational unit. Elements that aren't directly associated with any organizational unit do not have this option activated (e.g., risks or processes).
- OrgUnit abbr. suffix: a delimiter between the OrgUnit code and the final digit string (e.g., _ or -).
- Minimum precision: the minimum number of digits to be included in the resulting string. At least 1 and at most 10 can be entered. With a number of 4, the resulting strings would be, for example, 0001, 0026, or 0184.

Note: If a management system uses the centrally configured code generation instead of its own, configured under "Administration → Management systems", then the string counts between management systems. This means, if three measures are first created in management system A, then the first measure code in management system B ends with a "4".