CyberVision Vault Concept and Creation Guide
What is a Vault
In CyberVision, a Vault works as a secure access group.
Think of it as a real safe:
- the safe contains secrets and access targets (connections and web access),
- only users with the key (authorized users) can access it,
- you control who can use each resource without exposing everything to everyone.
In practical terms, a Vault links:
1. Users
2. Connections (RDP, SSH, Telnet, Kubernetes, etc.)
3. Web access entries
Why use Vaults
- Security: reduces credential and access exposure.
- Organization: separates access by team, business unit, customer, or environment.
- Governance: simplifies access reviews and auditability.
- Scalability: adding a user to a Vault, or removing one from it, updates that user's access scope consistently.
Recommended design model
Create Vaults by business context, for example:
Vault - Infrastructure - Production
Vault - Support - Enterprise Customers
Vault - DevOps - Kubernetes
Each Vault should represent a clear operational responsibility scope.
How to create a Vault
1) Open the Vault module
1. Go to Vault in the portal.
2. Click Add (or Create Vault).
2) Define basic information
Fill in:
- Name
- (Optional) Description / notes
Naming best practice
Use a standard format:
Vault - <Team/Domain> - <Environment/Scope>
Example:
Vault - Security Operations - Production
3) Add users to the Vault
Select the users who should have access to this Vault.
Critical rule
Only include users who actually need access (least privilege).
4) Attach connections to the Vault
Associate the connections this group can use:
- RDP
- SSH
- Telnet
- Kubernetes
- any other available connection types
5) Attach Web access to the Vault
Associate Web module entries that should be available to this group.
6) Save
Click Save to create the Vault.
What happens after creation
After saving:
- users in the Vault can access assigned resources,
- users outside the Vault should not access those resources (unless explicitly granted elsewhere).
Post-creation validation checklist
1. Vault is visible in the Vault list.
2. Correct users are assigned.
3. Correct connections are assigned.
4. Correct Web entries are assigned.
5. A test user inside the Vault can access expected resources.
6. A test user outside the Vault cannot access those resources.
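Checklist step 6 can fail even when Vault membership is correct, because a resource linked to a second Vault is reachable by that Vault's users ("explicitly granted elsewhere"). The following Python is an added example, not CyberVision code: the inventory layout, user names and resource names are constructed, and it assumes a user's access is the union of resources across every Vault they belong to.

```python
# Constructed inventory. Assumption: this dict layout is hypothetical; the
# guide does not show CyberVision's real export format.
VAULTS = {
    "Vault - Infrastructure - Production": {
        "users": {"alice", "bob"},
        "resources": {"ssh:prod-db-01", "rdp:prod-app-01"},
    },
    "Vault - Support - Enterprise Customers": {
        "users": {"carol"},
        "resources": {"web:customer-portal", "rdp:prod-app-01"},
    },
    "DevOps K8s": {  # deliberately off-format name
        "users": {"bob", "dave"},
        "resources": {"k8s:prod-cluster"},
    },
}

def bad_names(vaults):
    """Vault names not matching 'Vault - <Team/Domain> - <Environment/Scope>'."""
    bad = []
    for name in vaults:
        parts = name.split(" - ", 2)
        if len(parts) != 3 or parts[0] != "Vault" or not all(p.strip() for p in parts):
            bad.append(name)
    return sorted(bad)

def effective_access(vaults, user):
    """Assumed model: a user reaches the union of resources of their Vaults."""
    return set().union(*(v["resources"] for v in vaults.values() if user in v["users"]))

def outside_access(vaults, vault_name):
    """Checklist step 6: non-members who reach this Vault's resources through
    another Vault. Returns {user: {resource: [granting Vault names]}}."""
    target = vaults[vault_name]
    findings = {}
    for other_name, other in vaults.items():
        if other_name == vault_name:
            continue
        shared = target["resources"] & other["resources"]
        for user in other["users"] - target["users"]:
            for res in shared:
                findings.setdefault(user, {}).setdefault(res, []).append(other_name)
    return findings

if __name__ == "__main__":
    print("Off-format names:", bad_names(VAULTS))
    print("bob can reach:", sorted(effective_access(VAULTS, "bob")))
    print("Outside access:", outside_access(VAULTS, "Vault - Infrastructure - Production"))
```

A non-empty result from `outside_access` names the users for whom step 6 will fail and the Vault that grants the overlap, so the link can be removed or confirmed as intended.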
Operations and maintenance
- Review Vault membership regularly.
- Remove users who changed roles or no longer need access.
- Review linked connections/web entries to prevent over-privilege.
- Keep Vault scope aligned with current team responsibilities.
Key concept for your team
> A Vault is not just a folder of access items.
> It is the control boundary that binds the right people to the right secrets/resources in the right context, with security and auditability.
