What information on backups is available for Administrators?

This article details information on backups for administrators.

  • NOTE:  Some settings are not changeable by Org Admins. Also, some links in this guide lead outside the Technology Solutions service catalog.

Adding users

  1. Fill out the form located here to request the creation of an "organization" in Crashplan and add/remove users. NOTE:  Once installed, the client will automatically begin backing up the files located in the "Users" folder (My Documents, My Pictures, Desktop, etc.)

Standard Roles

Role Permission Summary Limitations Recommended Use Case
*Desktop User - No Web Restore

Administrative

  • N/A

End user

  • Perform personal backups from the CrashPlan app and CrashPlan web app
 Cannot interact with other users' data or change settings in your Code42 environment End users in your organization
Org Admin - No Web Restore

Administrative

  • Read and write information for users, computers, and organizations within one organization and its children organizations

End user

  • Perform personal backups from the CrashPlan app and CrashPlan web app
  • Cannot read or write information outside their organization
  • Cannot access administration console command line 
  • Cannot access system logs
 Administrators who should only manage users and devices within a specific organization
*PROe User

Administrative

  • Sign in to the administration console

End user

  • None
  • Cannot access other information or functions of CrashPlan PROe
 End users in your organization

NOTE:  In order to maintain HIPAA compliance, Web Restores have been disabled for all roles.   Go here for a list of all the currently defined roles.

Overview

Organizations are the way to group users in your CrashPlan environment. You can configure different organizations to use different settings.

Organization, user, and device hierarchy

Backup activity in your CrashPlan environment is managed by settings at three levels: organizations, users, and devices.

Organization

The hierarchical level in the CrashPlan environment for users and their devices. Each user can belong to only one organization. You can define many settings at the organization level; different organizations can have different settings. An organization can contain child organizations, and an organization can exist without containing any users.

User

A single account in your CrashPlan environment. A user account has a single set of sign-in credentials (username and password) and a single encryption key for all backups. A user always belongs to one (and only one) organization.

Device

A single computer within your CrashPlan environment, identified by its GUID. May be used interchangeably with endpoint

Organizations

The Organizations screens display information about the organizations in your CrashPlan environment. From Organizations, you can

  • Add organizations
  • Click an organization name to view more details about that organization.
  • Perform actions on the selected organization.

To access the Organizations screens, select Administration > Environment > Organizations from the menu.

Organizations screen

Active_Organizations_Cloud_8.7_annotated.png

Item Description Click to view
a Active Displays all active organizations.  
b Deactivated Displays all deactivated organizations.   
c Action menu Contains commands available in the organization list view.  
d Add an organization Creates a new organization.  
e Selects all the organizations in the list.  
f Name Displays the organization name. Organization Detail for selected organization
g Users Displays the number of active users assigned to the organization. User List for selected organization
h Backup Devices Displays the number of user devices backing up in this organization. All devices assigned to the selected organization.


Add a new organization

Click Add an organization Add_an_organization_button.png to create a new organization.

6.0-console-organizations-addorganzation-export.png

Action menu

Command Description
Block

Blocks this organization and all its users and devices.

  • Incydr monitoring and backup continues, but users within this organization will be unable to sign in or restore.
  • This action is available when the organization is not currently blocked.
Unblock Unblocks this organization and any blocked users or devices within this organization. This action is available when the organization is currently blocked.
Change Organization Moves the organization to a different parent organization.
Export Exports selected items to CSV file. If no item is selected, all items in the list are exported.


CSV export

Export all visible list items to a CSV file by selecting Export All from the action menu. If no organization is selected, all organizations in the list are exported.

Field Description
orgId Identification number for the organization.
parentOrgId Identification number for the parent organization.

orgName

 Name of the organization.
registrationKey Registration Key for this organization.
status Organization is active or blocked.
active TRUE: Active
FALSE: Blocked
blocked TRUE: Blocked
FALSE: Not blocked
computerCount Number of devices registered to users in this organization.
backupDeviceCount Number of devices using the CrashPlan app.

shareDeviceCount

 Deprecated.
planCount Number of plans under this organization.

warningCount

 Number of warning alerts for this organization. A warning alert happens when a device has not backed up to any destination for longer than the number of days defined in the Organization's Settings

criticalCount

 Number of critical alerts for this organization. A critical alert happens when a device has not backed up to any destination for longer than the number of days defined in the Organization's Settings.

targetComputerGuid

 Globally Unique IDentifier for the device used for computer-to-computer back up.
targetDestinationGuid The globally unique identifier of the destination.

selectedFiles

 Total number of files selected for backup.

selectedBytes

Total number of bytes selected for backup.

todoBytes

Total bytes of data remaining to back up.

todoFiles

Total number files remaining to back up.

archiveBytes

Total bytes the archive occupies on disk.
orgGuid Globally unique identifier of the organization.
parentOrgGuid Globally unique identifier of the parent organization.
orgUid The UID (unique ID) of the organization.
parentOrgUid The UID (unique ID) of the parent organization.
orgExtRef

Optional external reference information, such as a serial number, asset tag, employee ID, or help desk issue ID.
notes


Details

Organization Details displays stats and settings for the selected organization.

8.2_console_organizations_Organization_detail_annotated.png

Item Description
a Action menu Contains the actions that you can apply to this organization.
b Orgs

Displays the number or child organizations under this organization. 

Click to view the organizations in detail. 
c Users Displays the number of users in this organization.
Click to view the users in detail.
d Devices Displays the number of devices in this organization.
Click to view the devices in detail.
e Restores Displays the number of restores that have occurred in this organization.
Click to view the restore history in detail.
f Cold Displays the cold storage used by this organization.
Click to view the cold storage use in detail.
g Registration Key Displays the Registration Key for this organization. Use this key to assign new users and devices to this organization.
h Date Created Displays the date this organization was created.
i Storage Displays statistics of data stored for this organization.
j Storage Utilization Displays a summary of storage by user.
Chart regions are clickable.
k Org Info

Displays current organization settings.

 

See the Edit section below to change these settings for a specific organization.
l Device Backup Defaults Displays current device backup settings. To change these settings, see Configuring Device Backup Settings.


Action menu

Command Description
Edit Edits organization settings including name, quotas, destinations, reporting and security.
Device Backup Defaults Edits default device backup settings for this organization.
Upgrade Clients Updates the CrashPlan app on all devices in this organization to the most recent available version. This does not affect child organizations.
Add a Child Organization Adds a new organization that is subordinate to the selected organization.
Add Users Adds users to this organization.
Invite Users Sends an invitation via email to back up.

Activate

Activates a deactivated organization.

  • Deactivated users and devices must be activated individually.
  • This action is available when the organization has been deactivated.

Deactivate

Deactivates this organization and all associated users and devices, and places all backup archives into cold storage. Incydr monitoring stops. 

  • When an organization is deactivated, the word “deactivated” plus a timestamp is appended to the name.
  • This action is available when the organization is active.

Block

Blocks this organization and all its users and devices.

  • Incydr monitoring and backup continues, but users within this organization are unable to log in or restore.
  • This action is available when the organization is not currently blocked.

Unblock

 Unblocks this organization and any blocked users or devices within this organization. This action is available when the organization is currently blocked.
Change Organization Changes this organization's parent organization. Settings remained unchanged when the organization's parent is changed.
Email Backup Report Emails a backup report for a specified period to organization managers or other email addresses of your choice.


Edit

From the Organization Details action menu, select Edit to access settings for quotas, reporting, security, reference, and endpoint monitoring. Each section is explained in detail below.


Quotas

Organization_Settings_8.2_annotated.png

Item Description
a Name Sets the name of this organization.
b

Compliance Settings

 Activates Compliance Settings for this organization.
c Inherit quota settings from parent

Configures the organization to take on the quota settings of the organization defaults (system-wide organizations) or its parent organization. When enabled, settings must be edited at the organization default or parent organization level.
d Maximum user subscriptions

Sets the maximum number of user subscriptions allowed for this organization.

  • All user accounts with a backup archive contribute toward the quota.
  • Moving users in and out of organizations can cause an organization to be over the quota.
  • No child organization can have a higher quota than a parent organization.
  • Changing the quota on a parent organization does not change the quota on child organizations, unless the children inherit the quota from the parent.
e Move deactivated archives to cold storage for Allows you to set and view the cold storage period. After this period expires, the archives are deleted from the file system.
f Backup disk quota Sets the total amount of storage the entire organization is allowed to consume.
g Backup user disk quota

Sets the total amount of storage each user is allowed to consume across all devices.

Only applies to newly added users. To apply changes to existing users, update quotas via the CrashPlan API.

h Web restore limit1

Amount of data that users are allowed to restore in a zip file restore session.

  • This does not apply to device restores.
  • A value of 0 MB disables web restores for users.
  • Select Unlimited to set no web restore limit.2
i Web restore limit for Org Manager Role1

Amount of data that administrators are allowed to restore in a zip file restore session.

  • Applies to administrators with the Org Manager, Cross Org Manager, Org Admin, or Cross Org Admin role.
  • This setting does not apply to device restores.
  • Select Unlimited to set no web restore limit.2

1 This setting is disabled when Compliance Settings are activated.

Note: The default restore limit for zip files is 250 MB. Even though this limit can be adjusted, zip files have their own inherent size limitations. Our technical support engineers typically see that file selections larger than 1 GB fail. Web restores are useful for quick, small downloads in emergency situations, or when other restore methods are not available. Large restores should be done through the CrashPlan app or using the device restore feature.


Reporting

console-organizations-orgsettings-reporting-12.18.2020.png

Item Description
a Name Sets the name of this organization.
b Compliance Settings Activates Compliance Settings for this organization.
c Inherited reporting settings from parent

Configures the organization to take on the reporting settings of the organization defaults (system-wide organizations) or its parent organization. When enabled, settings must be edited at the organization default or parent organization level.
d Send backup report

Enables or disables sending backup reports to org admins for this organization. Choose which days of the week you'd like to receive reports.

To customize the backup status report email, see Customize email templates (CrashPlan).
e Recipients

Displays currently configured report recipients. For new customers, the first administrator is a recipient by default. To start or stop emails to other users, add or delete addresses from the next field, Additional recipients.
f Additional recipients Allows you to add or delete report recipients.
g Warning

Configures the alert threshold for warning notifications. Devices that have not backed up to any destination for longer than the defined number of days are included on warning alert emails.

For directions on how to customize the warning backup alert email sent to users, see Customize email templates (CrashPlan).
h Critical

Configures the alert threshold for critical notifications. Devices that have not backed up to any destination for longer than the defined number of days are included on critical alert emails.

 

For directions on how to customize the critical backup alert email sent to users, see Customize email templates (CrashPlan).


Security

console-organizations-orgsettings-reporting-12.18.2020.png

Item Description
a Name Sets the name of this organization.
b Compliance Settings

Activates Compliance Settings for this organization.
c Inherit security settings from parent

Configures the organization to take on the security settings of the organization defaults (system-wide organizations) or its parent organization. When enabled, settings must be edited at the organization default or parent organization level.
d Select an authentication method

Sets the authentication method for the organization:

  • Local: Users authenticate against the local CrashPlan platform directory.

  • SSO: Users authenticate against one of the offered single sign-on identity providers. One or more identity providers must be selected in Choose provider(s)
e

Choose provider(s)

Specifies the SSO identity provider(s) that provide authentication. Options appear based on your identity provider configuration.

 

SSO requires configuration of at least one identity provider via Administration > Integrations > Identity Management. (You can also manage an organization's authentication provider settings from Identity Management.) 
f Select a directory service

Deprecated

To use a directory service with your CrashPlan cloud environment, see:
g Choose directory service(s)

Deprecated

To use a directory service with your CrashPlan cloud environment, see:
h Local Two-Factor Authentication

Defines two-factor authentication requirements for accessing the CrashPlan console.

  • Enabled: Requires affected users (see details below) to configure two-factor authentication (Google Authenticator is our recommended application). Users must then provide a one-time authentication code in addition to their CrashPlan username and password to access the CrashPlan console.
  • Disabled: Locally authenticated users are only required to provide their CrashPlan username and password to access the CrashPlan console.

Affected users:

  • If this organization integrates with a dedicated SSO identity provider, this setting only applies to local users. Typically, this is a very limited number of administrator accounts reserved for troubleshooting your authentication provider.
  • If this organization only uses Local authentication (see item d above), this setting applies to all users.
  • This setting does not apply to:
    • The CrashPlan app
    • Any existing multi-factor authentication requirements managed by your external identity provider

See Two-factor authentication for local users (CrashPlan) for more details.
i Web restores 

Sets whether users can restore files from the CrashPlan console using the zip file web restore method:

  • Enabled: Users in the organization can perform zip file web restores.
  • Disabled: Users in the organization cannot perform zip file web restores.

The setting only applies to the zip file web restore type; it does not apply to the device web restore type. It may take up to a day before all users in the organization are updated with the new setting. 

 

To change the setting, administrators must have the Customer Cloud Admin role. Clicking the Lock button prevents administrators in child organizations from changing the setting.

Increased security
Disable zip file web restores to limit file exfiltration potential by preventing users from downloading data in a browser and the decryption of archive data by the CrashPlan server system. This secures user data from access by administrators.

Zip file web restores must be disabled for NIST 800-171 compliance
j Client Visibility

Configures CrashPlan app visibility on user devices.

  • Visible: Allows users to see and interact with the CrashPlan app.
  • Hidden: Hides most user-facing elements of the CrashPlan app on the device. For example, the CrashPlan app does not appear in the Start Menu and Add/Remove Programs (Windows) or the Dock (Mac).

    Setting the visibility to Hidden does not uninstall any CrashPlan components. Security monitoring and file backups continue to run in the background. 

    See Show or hide CrashPlan app visibility on user devices (CrashPlan) for more details.
k Inherit setting from parent
  • Selected: This organization uses the setting of its parent organization and cannot be changed here.
  • Deselected: Enables this organization to change the setting independently of the parent organization.
l Lock

Click the icon to lock or unlock each setting.

 

When locked:

  • The setting is pushed to all child organizations
  • Child organizations cannot change the setting

When unlocked:

  • Child organizations can change the setting independently of the parent organization

Reference

console-organizations-orgsettings-reference-cloud-12.18.2020.png

Item Description
a Name Sets the name of this organization.
b Compliance Settings Activates Compliance Settings for this organization.
c External Reference Specifies optional external reference information such as a serial number, asset tag, employee ID, or help desk issue ID.
d Notes Specifies optional descriptive information.

Device backup defaults

To change device backup defaults, from the action menu, choose Device Backup Defaults

Select from the tabs to configure specific settings:

  • General: Specify client settings related to CPU power and bandwidth allocation, device backup alert thresholds, and file exclusions.
  • Backup: Define how and when backup operations take place, what files to include and exclude from backup, the frequency of backup, and how long to retain file versions. 
  • Reporting: Specify when and what reports are sent and to whom.
  • Security: Set the default encryption key policy. After the encryption policy is elevated, upgraded CrashPlan environments can never downgrade their policy.
  • Network: Control connection performance settings for WAN and LAN networks, exclude wireless networks, exclude network interfaces, or configure proxy settings.

Device_Backup_Default_Settings_General_FFS_CPU-710-export.png

Device defaults from parent
Enable Use device defaults from parent to make this organization use the device backup default settings from the parent (or root) organization. Disable to stop inheritance and allow changes to the device default settings for this organization. All organizations have the same settings options as the root organization, which appear in Set device defaults.

Add a child organization

Use the Add a Child Organization command to create a new organization under the currently selected organization.

6.0-console-organization-add-child-org-export.png

   
   
   
   


Change organization

Changing organizations can affect backups
If users are moved to a different organization, it could affect their backup. For example: 
  • Different destinations offered: If the new organization does not offer the same destinations as the user's previous organization, any of the user's data from destinations that are no longer offered are put in to cold storage. Data in cold storage is deleted according to your cold storage retention policy. 
  • Frequency and version settings: Any differences in the new organization's frequency and version settings are applied to the backup archive after the user device connects to the CrashPlan cloud. Depending on the new organization's frequency and version settings, some data could be removed.
  • Auto-start backups: If the new organization has any destinations configured to auto-start, the CrashPlan app begins backing up to those destinations immediately. Destinations that are not configured to auto-start appear in the CrashPlan app for the user to select.

6.0-console-organizations-changeparentorg-export.png

Item Description
a Searches for parent org name.
b Displays the results of the search as you type.


Email backup report

6.0-console-organization-emailbackupreport-export.png

Item Description
a Defines the start of the reporting period.
b Defines the end of the reporting period.
c Indicates whether or not you want child organizations included in the report.
d Specifies the email addresses of report recipients. Click + to add email addresses to the list. Click X to remove an email address.
e Adds any users in the selected organization assigned the Org Manager or Cross Org Manager role to the email distribution list.


Cold Storage

From the organization details, click the Cold value to view a list of the organization's archives currently in cold storage.

Cold_storage_details.png

Item Description
a Action menu Contains available commands for the archives in cold storage.
b Select all Selects all the organization's archives in cold storage.
c Type

Indicates the archive type: Backup
d Archive GUID Globally unique identifier of the archive.
e Organization Organization where the archive resides.
f User User that owns the archive.
g Device Name

Name of the device that owns the backup archive.


Security archives display Not Available because more than one device can be associated with a security archive.
h Hostname

The host name of the device where the backup archive resides in the CrashPlan cloud, as reported by the computer's operating system. 
 

Security archives display Not Available because more than one device can be associated with a security archive.
i Store Point Store point on a server in the CrashPlan cloud where the archive resides.
j Size Amount of space consumed by the archive.
k Purge Date Date when the archive is removed from cold storage.

Action menu
Command Description
Purge Archive Permanently removes the selected archives from the store point's file system on a server in the CrashPlan cloud.
Change Purge Date Changes the date when the selected archives will be completely removed from the store point's file system on a server in the CrashPlan cloud.
Export All Exports a list of archives to a CSV file.
Purge archive

Purge archives by selecting action menu > Purge Archives.

Cold_storage_purge_archive.png


Change purge date

Change the purge date  by selecting action menu > Change Purge Date.

Cold_storage_change_purge_date.png


CSV export

Export all visible list items to a CSV file by selecting action menu > Export All. If no archive is selected, all archives in the list are exported. The following attributes are exported to the CSV file.

Field Description
archiveGuid Globally unique identifier for the archive.
id Identification number of the archive.
archiveBytes Total size of files selected for back up and sync.
archiveType

Indicates the archive type: Backup.
sourceUserId The ID of the user associated with this archive.

sourceUserUsername

 User name for the user associated with this archive.
sourceUserFirstName First name of the user associated with the archive.
sourceUserLastName Last name of the user associated with the archive.
sourceUserEmail Email for the user associated with the archive.
sourceComputerId An identification number for the device associated with the archive.
sourceComputerName Name of the device associated with the archive.

sourceComputerOsHostname

 The name of the computer where the archive resides in the CrashPlan cloud as reported by the computer's operating system. 
sourceComputerService Indicates the app associated with the archive.
purgeDate Date when the archive is removed from cold storage
orgId Identification number of the organization where the archive resides.
orgName Name of the organization where the archive resides.
storePointId Identification number of the store point on a server in the CrashPlan cloud where the archive resides.
storePointName Name of the store point on a server in the CrashPlan cloud where the archive resides.
serverName Name of the server in the CrashPlan cloud associated with the store point.


Restore history

View the Restore History by selecting an organization, then clicking the number of restores. These details are restricted by role: you can view only the restore history to which you have access based on your role permissions.

6.0-console-organization-restore-history-export.png

Item Description
a Action menu Includes the option to Export (as CSV) the restore information.
b Operating System Displays the operating system of the device that received the restored data.
c User User whose data was restored. A red warning icon Warning Icon.png will appear if another user initiated the restore (via restoring from the CrashPlan console, for example).
d Restore To Device that received the restored data.
e # Files Number of files that were restored.
f Size Total size of the restored files.
g Transfer Rate Speed of the file restoration.
h Restore Date Date and time the restoration occurred.
i Duration Total time taken to restore the files.
 

 

Print Article

Related Services / Offerings (1)

Endpoint Backups
CrashPlan is an online backup service that boasts an excellent interface, unlimited storage plans, and the ability to back up to your own internet-connected computers. CrashPlan is not offered for server backups, or personal data from privately-owned computers, but is available for backups of UIC-related data on individual UIC-owned devices.