An Atakama Administrator is a user who is running the fully-featured Atakama client. These users have a greater amount of control over their application and are typically responsible for several important tasks, namely managing access to shared locations and creating configuration files.
Feature Comparison Table
|Feature||Administrator (Full Client)||User (Lite Client)|
|Encrypted Storage in the Cloud||Enabled||Enabled|
|Encrypted Storage in a Network Location||Enabled||Enabled|
|Encrypted Local Storage||Enabled||Disabled|
|Secure File Export||Enabled||Enabled|
|Location Access Requests**||Enabled||Disabled|
|Configuration File Editor||Enabled||Disabled|
*The Control Center includes a large set of features like adding and removing keys, adding and removing additional storage locations, and configuring the behavior of the active Atakama client.
**Location Access Requests are the mechanism that allows administrators to grant a new user access to a shared location.
Shared Location Access Management
When a new user joins a shared storage location they do not yet have the ability to read any of the protected data. They must first be granted access to the protected data by someone who does already have access. However, non-administrators cannot add or remove other users' access to encrypted data to mitigate the chance that an attacker is accidentally granted access to protected data. Rather, it is up to an administrator of that location to verify the identity of the new user and to grant them access to protected data.
Configuration File Curation
Atakama clients can be configured to operate in a particular way, according to the needs of the organization, simply by the presence of a specialized configuration file. This feature is quite powerful, as it will force the application to behave in a particular way. To protect against the distribution of fraudulent or malicious configuration files, the files are signed by the administrator that creates it. Thus it is the responsibility of Atakama Administrators to properly create, modify, and disseminate these configuration files to meet the needs of the organization.