Administering Kindo: Access Control, Audit Log, and DLP Features
Kindo maintains a robust set of security, auditing, and compliance controls to ensure that users and agents run within Kindo maintain security and compliance requirements. To access these controls, select the gear menu (Setttings) in the top right of any window in Kindo and click Security.
Note: You must be an Administrator user to access this panel.
Model Access and DLP Controls
This section enables Admins to manage what models are enabled for their organization. If a Model is selected to be Active it means that a user within the organization can access that model. If a model is Disabled, that model is not viewable by the user and agent requests as well as API calls made to that model will fail. You can also enable or disable DLP filters at this screen for specific models, and you can Enable or Disable versions of models at this screen.
Default Settings
This section enables Admins to manage what the default behavior is for adding new Models. If the New Provider setting is enabled, it means adding that adding a new Model Provider is permitted within your organization. The New Models of Enabled Providers determines whether or not new Models added by that Provider are added by default.
Data Loss Prevention Filters
This section enables you to create and manage Data Loss Prevention (DLP) Filters. DLP Filters are redaction mechanisms that when enabled tokenize sensitive data sent out to models in chat, agent, and API calls. This ensures that sensitive information is not transmitted in requests.
Kindo by default comes with several DLP filter types. However you can specify your own data types to filter. This can be in the form of a String Ltieral, a Phrase, or a Regular Expression (Regex)
Integration Access
This menu allows Admins to control what integrations are available for users to access. If a status is set to Active, users can utilize an Integration to sync with a target. If the status is set to Off, that Integration cannot be accessed by users in their organization.
Audit Log
The Audit Log menu allows you to navigate and view user activity within Kindo. In Kindo Self-Managed, this data is also transmitted to syslog or another configured Audit Log backend.
You can apply filters to view specific users or types of activity. You can also select a time range for further filtering results, and you can download events you find here into a Comma Spliced Values (.csv) file for review.
Clicking on an event allows you to examine more details about the activity. The Summary provides a brief overview of the activity in the user’s action. This data is also available for Kindo Self-Managed users in either the Syslog or Audit Log Backend they have configured in the form a JSON-formatted event.
Clicking Raw Data enables you to see all context of the action, including files that were accessed as part of the action.
Sharing Permissions
The Sharing Permissions guide allows Admins to manage whether users are able to share agents or chats to individuals outside their organization. If this is set to Active, you can also manage what is the minimum user level necessary to share this data.
Unless External Sharing Enabled is set to Active, a user will not be able to share a link to a chat or agent to an individual unless that individual has logged into Kindo via the IDP you have configured.