Forum Discussion
Solved
SecurityIncident access from Sentinel tenants
Hello,
My company's business model follows the Sentinel MSP with visibility to Customer Sentinel via Lighthouse. All the incidents from across the Customer Sentinels are located on the Sentinel MSP (since the detection rules reside on the Sentinel MSP).
Although it might not be the usual MSP model (hosting incidents in the MSP Sentinel), we want to provide visibility to our Customers regarding their Incidents (with all updates) in a dashboard.
Is there a possibility we can have a solution for this?
Much appreciated, Iuchete
So I need to create a dashboard (only with that customer's data) on the MSP Sentinel and give access and permissions to the customer via Lighthouse, right? The customer will only be able to view the said dashboard, nothing else.
Much appreciated, Iuchete
So I need to create a dashboard (only with that customer's data) on the MSP Sentinel and give access and permissions to the customer via Lighthouse, right? The customer will only be able to view the said dashboard, nothing else.
Correct too. You will create a custom dashboard on the MSP Sentinel that displays only that customer's incidents and data. Once the dashboard is set up, you’ll configure access and permissions through Lighthouse. The key is to ensure that the customer’s user role is restricted to just that specific dashboard, so they won't have access to any other data from different customers.
With the correct permissions in place, the customer will only be able to view the dashboard you've created for them, ensuring their visibility is limited to their incidents and updates.
Hello un1claudiu!
Yes, it's possible to provide visibility to your customers on their incidents. You can leverage Sentinel’s Lighthouse integration to give your customers access to their incidents through a customized dashboard. While incidents are hosted on the MSP Sentinel, you can use Lighthouse to share the necessary details and updates with your customers in a way that aligns with your business model. This can be done with the right configurations and permissions within the Sentinel environment.
To configure this, you need to ensure that your Sentinel MSP tenant is linked to the Lighthouse service, which connects your tenant to the customer’s Sentinel environment. Set up appropriate roles and permissions to allow customer access to incident data. You’ll need to create custom views or dashboards that display incident information from across customer tenants. You may also configure automatic updates and notifications based on incident changes so customers can see real-time updates.
Regards!
Thank you, Iuchete
So i need to setup a dashboard only with that specific customer's incidents and he wont be able to see other incidents from the rest of the customers, given the appropriate permissions, right?
That's correct! You can set up a dashboard that only shows the specific customer's incidents, and with the proper role-based access control (RBAC) and permissions, you can ensure that each customer can only see their own incidents. You'll need to configure the permissions so that the customer’s user account is restricted to their own data, and not able to view incidents from other customers. This way, the customer will only have visibility into their own incidents and updates in the dashboard you create for them.
