Important Update: Some Community URL Redirects are Under Maintenance. Learn More. .

cancel
Showing results for 
Search instead for 
Did you mean: 
AnandDeshpande
Archer Employee
Archer Employee

Last year at RSA Archer Summit, we announced that we are working on giving you the ability to approve Advanced Workflow Actions via email. This also has been a top 10 voted idea on RSA Ideas! We are happy to announce that this feature is part of our 6.6 release. This focus of this feature is for executives/senior management to complete a simple workflow action using an email, without having to log into RSA Archer. This feature embeds all the advanced workflow buttons (that the user has access to) in the body of the email. All the user is expected to do is click on a desired button from the email, which creates a reply to the original email, and then click on send. It really is that simple!

 

Benefits:

  • Users do not have to login or navigate to the relevant sections of RSA Archer. 
  • Users can complete actions while traveling or working at a remote location (where RSA Archer is not accessible). 

 

What are Simple actions?

Simple actions are any advanced workflow based actions that a user can complete without having to provide any additional input e.g. a mandatory field such as comments.

 

How does it work?

This feature works on the basis of generating a token when an email is sent and verification of that token when a reply is received. When an email notification (with AWF buttons on it) is sent to a user, it also sends an unique token. Once the user completes an action by selecting a button and sending an email back to the RSA Archer system, the token and source are both verified before the action is completed in the system and logged accordingly in the history log. It is to be noted that this email is not to be shared with another user as it contains important security information.

 

As an added security option we have required a user profile to be enabled for any user to be able to work with this feature. This way emails we have a control on who can use this feature. 

How do I configure it?

Prerequisite: 

  • A mail box that RSA Archer can monitor. 

Configuration checklist: 

  1. Archer Control Panel: enable the feature and provide details on the mailbox.pastedImage_18.png
  2. Application/Questionnaire: enable the featurepastedImage_19.png
  3. On-demand notification template: enable and complete a template to be selected on specific AWF user action nodes.pastedImage_22.png
  4. AWF User action node: enable the feature and select an on-demand notification templatepastedImage_23.png
  5. User Profile: enable a user to use this featurepastedImage_25.png

Feedback loop:

Once an action is successfully completed by RSA Archer, the user receives an acknowledgement email. Similarly if the action could not be completed due to any reason the user receives an error notification. 

 

Additional Notes: 

  • In case a mandatory field is present on the layout that a user needs to fill in while taking an AWF action, and this feature is enabled, the user will see grayed out buttons on the email body. This has been done to ensure that user knows upfront that the specific AWF node cannot be completed via an email. 
  • This feature is currently available for our on-premise  customers, we are working towards getting this on our hosted offering. Please look for updates on the RSA Archer roadmap. 

 

To know more about this feature please join us on this week’s Free Friday Tech Huddle!

11 Comments
Anonymous
Not applicable

Great capability, many customers asked for this!

JaciHawley
Contributor III

Hello,

 

Is this offered yet for Hosted Customers? 

 

Thanks,

Jaci

VivekKumar21
Contributor III

I think it only works for on premise not for saas

Anonymous
Not applicable

Will it not work for cloud host ?

AnandDeshpande
Archer Employee
Archer Employee

This feature is currently not available on our SaaS and Hosted platforms, however this is currently in the planning stages. You will be able to track the progress of this feature through our monthly roadmap presentations soon. 

SamuelPalukuri
Contributor

Does Exchange support Exchange Online (Exchange Web Services)?

Joe-Atter
Contributor III

We plan on using an existing mailbox that is performing critical activities for another application. Any concern with this?

Is it also recommended to use a different folder within the mailbox for each application leveraging the functionality?

@AnandDeshpande 

AnandDeshpande
Archer Employee
Archer Employee

@Joe-Atter Yes, existing mailbox can be used. A different folder can be used to avoid any confusions, but it is not mandatory. 

Anonymous
Not applicable

For those of you that may have missed it, AWF Actions by Email was made available for US and EMEA SaaS customers in December 2020.  Availability in APJ SaaS is anticipated, but is dependent upon an AWS native service that is not yet currently available in that region.  They have plans to add that service to the region located in Sydney, Australia, but no completion date has been confirmed by AWS at this time.  This feature will not be made available in any of the Hosted environments.

Joe-Atter
Contributor III

@AnandDeshpande @Anonymous 

  • What is the recommended monitoring frequency? Obviously we would like a quick turnaround time so users could see their approvals go through but don't want to put too much strain on the server.
  • Is there a way to tell which email responses have been processed or not? If we had a less frequent monitor, would be nice to be able tell users why approvals haven't been registered or just for troubleshooting
  • Any recommendation on the retrieval method as well? Want to make sure we can keep track of the approvals

Thank you!

NancyGuhse
Collaborator III

@AnandDeshpande  When you say "Simple" does that mean if there are any mandatory fields at all on the layout it will not work? Or does it mean that any unfilled mandatory fields will cause it to be greyed out?  Because I have set it up and the link is always greyed out.  While there are mandatory fields on my layout, they are already completed by the time it gets to my approvers.  All the approvers need to do is click the actions button when they go in, there's nothing else required for them.