Managing users

This guide covers how to manage users, including details on user statuses, roles, and device management.

Users overview

In this table, you can see all users that are added to your company account. You can filter users by:

• Status: User status  - Active: The user set up their account and is using the app.  - Pending: The user has been invited to the company account but has not yet set up their account.  - Password reset: The user has requested a password reset.  - Archived: The user has been archived and can no longer access the company account or make a new scan.
• Role: User role  - User: The basic type of account.  - Admin: Administrator of the whole company.
• 2FA status: Two-factor Authentication status (enabled or disabled).
• Account Created: When the account was created.
• Last login: When the account last logged in.

Each user is assigned a username, email, status, role, 2FA status, number of devices, date when the account was created, and date when the account last logged in.

Clicking on the "plus" icon at the beginning of every row allows you to access the list of devices that are assigned to the user. You can also click on the row to access more details or manage the user.

User details

Top panel

On this card, you can see all the details of the user. You can also manage the user by clicking on the several buttons on the right side of the card:

• Show API Key: You're able to see the API key of the user. This key is used to authenticate in the mobile app.
• Edit user: You're able to edit the user's details.
• Send invitation: You're able to send an invitation to the user's email inbox.
• Reset password: You're able to reset the user's password. This is useful when the user has forgotten their password.
• Block user: You're able to block the user.
• Archive user: You're able to archive the user.

User risk score

The risk score, ranging from 0 to 10, indicates the user's vulnerability level. It is calculated as an average based on the latest scans of all user devices. A higher risk score corresponds to a greater level of vulnerability.

This chart displays the user's risk score for the last 30 days. Beneath the risk score, you can observe the percentage change in the risk score over the past 30 days.

Platform stats

In this list, you can view the number of devices, issues, and the average risk score for each platform. In short, you are able to see how many devices the user has and on which platform they are running.

Issues

This table displays all issues from all user devices. By default, the table is sorted by severity (from high to low).

Each issue is assigned a severity level (low, medium, high), a number of affected devices, a platform (Android, iOS, etc.), a title, and a description.

Clicking on the issue title allows you to access more details and a suggested solution to address the specific problem.

Devices

In this table, you can see all devices from your company that have been scanned at least once. By default, the table is sorted by risk score (from high to low). You can filter devices by:

• Platform: Android, iOS, iPadOS, macOS, Windows, or Linux.
• Manufacturer: Samsung, Huawei, Xiaomi, Apple, etc.
• Model: Galaxy S10, iPhone 11, etc.
• Device Status:  - Active: The device is active and can be scanned.  - Archived: The device is inactive and cannot undergo scanning. Devices are automatically archived after 30 days without a scan.
• Device Support:  - Supported: The manufacturer provides security updates for the device.  - Unsupported: The manufacturer no longer provides security updates for the device.  - Unknown: We are not able to determine if the manufacturer provides security updates for the device.
• Last Scan: The range of dates for the last scan of the device.
• Updated Sensor:  - Updated: The device has the latest version of the sensor installed.  - Not updated: The device does not have the latest version of the sensor installed.

Each device is assigned a risk score, a platform (Android, iOS, etc.), a manufacturer, a model, a set of risk scores divided into four categories (device, apps, privacy, and network), a Redamp.io mobile app version, and a last scan date. If the "App Version" is in red, it means that the device does not have the latest version of the Redamp.io mobile app installed.

Each device performs a scan every 24 hours (by default, this can be changed in "Settings"). The scan is conducted by the Redamp.io mobile app installed on the device. If a device fails to perform a scan for more than 30 days, it will be automatically archived. Before this occurs, the device will receive several notifications prompting it to perform a scan.

Clicking on the device name allows you to access more details about the device.