ARCON|PAM

My Vault-U16
My Vault-U16

Table of Contents

1 Introduction ..........................................................................................................................................................................................4
1.1 Features ............................................................................................................................................................................................... 4
2 Accessing ARCON PAM My Vault ...............................................................................................................................................5
2.1 My Vault File Features................................................................................................................................................................... 6
2.1.1 File Server Configuration............................................................................................................................................................ 8
3 My Vault Logs .................................................................................................................................................................................... 10
4 Secrets .................................................................................................................................................................................................. 12
4.1 My Vault Secret Features ...........................................................................................................................................................12
4.2 Password Policy for Secrets.......................................................................................................................................................18
4.2.1 Secret Service Configuration ................................................................................................................................................. 19
4.2.2 Types of Secrets........................................................................................................................................................................... 20
4.3 Secret Service Configuration ....................................................................................................................................................21
4.4 Types of Secret................................................................................................................................................................................22

2
My Vault-U16

Disclaimer
The handbook of ARCON PAM solution is being published to guide stakeholders and users. If any of the
statements in this document are at variance or inconsistent it shall be brought to the notice of ARCON through
the support team. Wherever appropriate, references have been made to facilitate a better understanding of the
PAM solution. ARCON team has made every effort to ensure that the information contained in it was correct at
the time of publishing.
Nothing in this document constitutes a guarantee, warranty, or license, expressed or implied. ARCON disclaims
all liability for all such guarantees, warranties, and licenses, including but not limited to: Fitness for a particular
purpose; merchantability; non-infringement of intellectual property or other rights of any third party or of
ARCON; indemnity; and all others. The reader is advised that third parties can have intellectual property rights
that can be relevant to this document and the technologies discussed herein, and is advised to seek the advice
of competent legal counsel, without obligation of ARCON.

Copyright Notice
Copyright © 2021 ARCON All rights reserved.
ARCON retains the right to make changes to this document at any time without notice. ARCON makes no
warranty for the use of this document and assumes no responsibility for any errors that can appear in the
document nor does it make a commitment to update the information contained herein.

Trademarks
Other product and corporate names may be trademarks of other companies and are used only for explanation
and to the owners' benefit, without intent to infringe.

Sales Contact
You can directly contact us with sales-related topics at the email address <sales@arconnet.com>, or leave us
your contact information and we will call you back.

3
My Vault-U16

1 Introduction
My Vault is used for securely uploading files/secrets in ARCON PAM. Users can perform operations such as
uploading, downloading, viewing, and deletion of files in/from the vault just as one does on a regular drive.
Small files are stored in an encrypted format in the database and larger files are stored on the centralized
server which is configured by the Administrator. Users can share (documents, spreadsheets, images,
certificates, SSH Keys, video, and/or audio files) with other ARCON PAM users without sending them through
email or printing it out.

 Users with File Vault privilege will only be able to view My Vault app option in ACMO.

1.1 Features
• File/Secret storage
It is a centralized repository where any important file/secret can be stored/shared in an encrypted
manner. Secrets can also be secured with ARCON Password Envelope Management (APEM) utility.
• Drag and Drop Interface
Users can simply drag files from anywhere on the desktop and drop them on my vault page.
• Activity Overview
My Vault page displays details of the existing files present in the vault.
• Extensive Formats
One can upload, download, share, remove any file he has access to. Various file formats such
as .xls, .doc, .xml, .csv, and .pdf, etc. are supported.

4
My Vault-U16

2 Accessing ARCON PAM My Vault

ARCON PAM My Vault is present in the ARCON PAM Client Manager Online ACMO.
To navigate, use the following path:
Server Manager → Manager → My Apps→ My Vault
0

0
1. Click My Vault app.
2. My Vault will be opened in a new browser tab.
0

5
My Vault-U16

0
3. My Vault has two main functionalities which are explained below
a. File feature
b. Secret

2.1 My Vault File Features

1. File Upload
File upload feature is used to upload files in my vault. Files smaller than 10MB are directly uploaded to
the database and files greater than 10MB are uploaded to the centralized file server.

6
My Vault-U16

 Users having File Vault privilege will only be able to upload, download, view, or delete
files in My Vault.
Only Domain Users are allowed to upload the big files on the server.
User can view, download, or delete only those files which are uploaded by them.
File types to be uploaded are configured by Admins in Allowed File Types For Upload in
Settings, and only those file types are supported.

a. Users can upload files in My Vault in two ways

i. Drag and Drop- Files can be dragged and dropped directly in My vault.
ii. Browse button- Users can navigate to the file by clicking the Browse button.
0

0
b. Check the File Available till checkbox and select the date and time, click Apply.
c. The uploaded file will be automatically deleted after this date from the database or server and the
files can be deleted manually also.

7
My Vault-U16

2. File Download

a. Download the file by clicking option on the list.

b. The file is downloaded from the database/vault.
3. File Delete

a. Delete the file by clicking option on the list.

b. The file is deleted from the databse/vault.
4. File share

a. Share the file by clicking the option on the list.

b. According to the permission set on the file, the user with whom the secret is shared can share it
forward.

2.1.1 File Server Configuration

Admins configure the file server to store files on the centralized server. This configuration helps to store all the
large files which are larger than 10MB.

 Users with My Vault- Admin privilege will only be able to view File Server Configuration option in My
Vault.

To navigate, use the following path:

My Vault→ File Server Configuration
0

8
My Vault-U16

0
The Central file server configuration screen contains the following fields:
Field Name Description
LOB Select LOB under which the service is created.
Service Type Select the Service type.
Search Service (IP
Address/ Hostname) Enter the Service details and clickSearch icon.

 You can clickSearchicon without entering any value in Search Service

(IP Address / Hostname)to enableServicedropdown.

Service Select the Service.

Auto clean up (in days) The file is automatically deleted after the set number of days.
Max upload file size (in
The maximum size of the file that a User can upload can be set here.
GB)
 ARCON My Vault Allows supports file size of up to 20 GB.

0
0

9
My Vault-U16

3 My Vault Logs
My Vault log displays the list of all the activities performed in the File Vault. It displays details such as filename,
extension, size, status, added by, added on, shared on, shared with, file available till, deleted by, deleted on, and
recorded on.

 Users having My Vault Logs privilege will be able to view the My Vault logs on ACMO.
Following is the process to view My Vault Logs:
1. Click Reports menu on ACMO.
2. From the left navigation menu, click Logs option.
3. Click the My Vault Logs link.
4. It displays the following screen.
0

5. Select enter date in Date From and Date To field or Search for a particular User ID.
6. Click View Report button. It displays detailed information on the My Vault log.
0

10
My Vault-U16

0
7. Select the number of entries from the Show entries drop-down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right-
hand side of the screen.

9. Click the icon to see details such as when the file was recorded and when it was deleted.

10. To pin the report to Dashboard, click icon.

11. Click icons displayed on the right side corner of the screen to select the file type for
exported reports. The download request will be processed and will be available for download
in Exported Reports screen.

11
My Vault-U16

4 Secrets
My Vault also provides a point solution for shielding all of the classified secrets and confidential assets at a
single location. When any particular assets are to be shared with another privileged user, My Vault will
safeguard the same by facilitating a password-protected layer above the same and thus can be accessed by the
concerned privileged user only. Secrets are usually PINs, Application Password, Service Password, and SSH
Keys.

 Users with Secret Tab privilege will only be able to view Secret tab option in My Vault.

4.1 My Vault Secret Features

1. Secret creation
To create a secret, click on the service tab.

 Users having Service Create privilege will only be able to create a secret in My Vault.
0

12
My Vault-U16

0
The secret screen contains the following fields:
Field Name Description
Single upload Select this radio button to create a new secret.
Bulk Upload Select this radio button to create many new secrets.
Host Name Enter the Hostname.
IP Address Enter the IP address.
Username Enter the Username given to the secret.
Password Set the Password for the secret.
Description Enter the details
Browse Select the secret to be uploaded.

 Users can download the template for the bulk upload files by
clicking on the "Download the template: here" button which gives
a template of the bulk upload of the files in a .xlxs format

13
My Vault-U16

Field Name Description

Secure with vault If the password is secured with vault it can be viewed and edited directly,
Secure with vault APEM If the password is secured with APEM then it can be opened only with
APEM tool.
0
2. Secret Download

 Users having Service Download privilege will only be able to download the secret from My
Vault.

a. Download the secret by selecting the secret and clicking on the option on the list.
b. A password prompt will appear for verification purposes.
0

0
c. The valid user will be able to download the secret from the vault.
3. Secret Delete

 Users having Service Remove privilege will only be able to remove the secret from My Vault.

a. Delete the secret by selecting the secret and clicking on the option on the list.
b. A password prompt will appear for verification purposes.
0

14
My Vault-U16

0
c. The valid user will be able to delete the secret from the vault.
4. Secret share

 Users having Service Share privilege will only be able to share the secret from My Vault.

a. Share the file by clicking the option on the list.

b. A password prompt will appear for verification purposes.
0

0
c. The valid user will be able to share the secret from the vault.
d. Viewing and Editing can be time-based, permanent, or one-time based on shared rights.
5. Secret View

 Users having Service View privilege will only be able to view the secret from My Vault.

a. View the file by clicking the option on the list.

b. A password prompt will appear for verification purposes.
0

15
My Vault-U16

0
c. According to the permission set on the file, the user with whom the secret is shared can share it
forward.
d. Viewing and Editing can be time-based, permanent, or one-time based on shared rights.

 Secure with Vault - APEM

Users cannot view the secret entry if it is Secured with the APEM tool. If in case a
user double clicks on this entry to view it, a message box with "Cannot View.
Secured with the APEM tool" message will be displayed.
Secure with Vault - Normal
A user will be able to view secret by double-clicking on the entry after the
verification is successful.
Users can copy the secret to the clipboard.

6. Secret Edit

 Users having Service Edit privilege will only be able to edit the secret from My Vault.

a. Edit the file by clicking the option on the list.

b. A password prompt will appear for verification purposes.
0

16
My Vault-U16

0
c. The valid user will be able to edit the secret in the vault.

 Secure with Vault - APEM

Secrets Vaulted with the APEM tool are in encrypted format.
Secure with Vault - Normal
If a user wants to edit the password then the user must have permission granted
by the owner of the file while its share. While editing, the user is asked for
verification through a password.

7. Audit Trail
Audit Trail gives the entire history of secrets when was it created, edited, shared, downloaded, and
viewed.
0

0
8. My Favorites
My Favorite feature allows you to mark secrets as favorite and the favorite secrets can be found at the

17
My Vault-U16

top of the list. By clicking the My Favorite star icon, the secret is marked as favorite.
0

4.2 Password Policy for Secrets

Admins can set a password policy for all the secrets configured in My Vault.

 Users with My Vault- Admin privilege will only be able to view File Server Configurationoption in My
Vault.

To navigate, use the following path:

My Vault→ Password Policy for Secrets
0

18
My Vault-U16

0
The Password Policy screen contains the following fields:
Field Name Description
Password Policy
Select the Password policy you want to apply for all the secrets in my vault.

 Password Policy dropdown shows all the configured Password policy in

the Server Manager.

Action Type
Select the Action type.
• Assign- Assigns password policy for all the secrets.
• Revoke- Revokes password policy from all the secrets.

0
4.2.1 Secret Service Configuration
Organizations can configure additional tags which the user needs to enter at the time of service creation. The
Group, Role, and Description fields should be filled at the time of service creation.

To navigate, use the following path:

My Vault→ Secret Service Configuration

19
My Vault-U16

The Secret Service Configuration contains the following fields:

Field Name Description

Description 1 The filed name is bespoke and can be set according to an organization's needs.
** Customized field
 This field name will be visible while creating the secret.

Description 2 The filed name is bespoke and can be set according to an organization's needs.
** Customized field
 This field name will be visible while creating the secret.

Description 3 The filed name is bespoke and can be set according to an organization's needs.
** Customized field
 This field name will be visible while creating the secret.

4.2.2 Types of Secrets

Admins can classify service types for secrets. This classification is applied to secrets while creating one.

To navigate, use the following path:

My Vault→ Types of Secrets
0

20
My Vault-U16

0
The Secret Service Types contains the following fields:
Field Name Description
Secret Service Type
Add secret service type.

 The secret service types visible on this page can be mapped to secrets
when creating a service.

4.3 Secret Service Configuration

Organizations can configure additional tags which the user needs to enter at the time of service creation.
The Group, Role, and Description fields should be filled at the time of service creation.

To navigate, use the following path:

My Vault→ Secret Service Configuration

21
My Vault-U16

The Secret Service Configuration contains the following fields:

Field Name Description

Description 1 The filed name is bespoke and can be set according to an organization's needs.
** Customized field
 This field name will be visible while creating the secret.

Description 2 The filed name is bespoke and can be set according to an organization's needs.
** Customized field
 This field name will be visible while creating the secret.

Description 3 The filed name is bespoke and can be set according to an organization's needs.
** Customized field
 This field name will be visible while creating the secret.

4.4 Types of Secret

Admins can classify service types for secrets. This classification is applied to secrets while creating one.

To navigate, use the following path:

My Vault→ Types of Secrets
0

22
My Vault-U16

0
The Secret Service Types contains the following fields:
Field Name Description
Secret Service Type
Add secret service type.

 The secret service types visible on this page can be mapped to secrets
when creating a service.

23
No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any
means such as electronic, mechanical, photocopying, recording, or otherwise without permission.