A formal Security Authorization and Change Approval process is an important component of security. You rely on GreenLoop to ensure that any changes made on your account are appropriate, legitimate, and authorized. This article outlines what you need to know about GreenLoop’s security authorization and change approval process on your account.
How does GreenLoop’s change approval process work?
When GreenLoop determines that a client request triggers our Change Approval process, our automated tools will send an email to the Security Authorization Contact(s) we have on file. The automated message will include details on what change is requested and who requested it. You can then reply to this email to approve the request, reject it, or request a call to discuss the impact of the change.
The requesting individual will also receive an automated message letting them know that the request requires further approval by designated contacts on their company’s side.
If we don’t receive a response, our system will continue to follow up daily for 72 hours.
After 72 hours with no response, our system will automatically close out the change request. However, you’ll be notified and have a chance to respond and re-open it.
What sorts of requests trigger a change approval?
In general, anything that involves a change in access or security requires additional approval.
Some common examples:
- Role or permissions changes (someone is changing teams in your organization and needs permission added/removed)
- New access to network drives
- Local administrator permissions (for instance, to install software)
- Access to servers
- Remote access
- Mailbox or calendar access
If the Security Contact submits a request via our normal ticketing process, we’ll still follow up with them, typically by phone call, to confirm that it was legitimate.
Can I request that additional changes trigger a change approval for my account?
Yes (probably!). Contact your Account Manager to discuss.
Doesn’t this make it slower for my or my users’ requests to be resolved?
While this does add an extra step to the process, GreenLoop is committed to making the impact as minimal as possible from our side. Expediting requests does require timely cooperation from the Authorized Security Contacts in your company. Ultimately, we hope you’ll agree that the ability to verify and explicitly authorize requests provides a level of security that is worth the trade-off.
Can I opt out of this change approval process for my account?
In order to best protect our clients, maintain operational efficiency, and avoid future liability, GreenLoop is requiring all clients to conform to this process at this time.
How do I submit a request without it needing to go through the Change Approval process?
Have one of the Security Authorization Contacts on your account submit the Change Approval Request Form directly through GreenLoop’s client portal.
Only requests coming from an existing Security Authorization Contact and submitted through the portal will be automatically approved. In some cases, we may still request to speak with the authorizing user in order to guard against impersonation attempts.
Who does GreenLoop contact to verify changes are authorized?
You can have multiple security Security Approval Contacts on your account. The change request approval will go to all , and any of them can approve it. Please contact your Account Manager to request a change to your Security Authorization Contacts.