Skip to main content
Submitting and Approving Requests
Akanksha Nguyen avatar
Written by Akanksha Nguyen
Updated over a week ago

HERE'S WHY

Content on your Trust page may be confidential or require an NDA to view. You can select which content is Private or Public so you do not risk sharing sensitive information.

BEFORE DIVING IN

  • Files set as “Public” will allow anyone that views your Trust page to download and view those files.

  • If you have an NDA uploaded in your “Page Settings” of your Trust Center, all files uploaded to your Trust Center will be set to “Private” by default, but can be changed to “Public”.

  • If you do not have an NDA uploaded, all files will be set to “Public” and cannot be changed to “Private”.

  • If you have an NDA uploaded and files set as “Private”, you cannot delete your NDA until you remove or change the files to “Public”.

HERE'S HOW

If you set any content (i.e. compliance, reports, or policies) as private, viewers can submit an access request on your Trust Center Page.

  • When a viewer hovers over the lock icon in the compliance, security reports, or policies section, a message is displayed informing them they must request access for this file.

  • Clicking on that icon will open a modal with the option to select any private file hosted on your Trust Center page. They can search and multi-select files they want to request access to.

  • After clicking continue, they will be presented with a form. The first field will have the list of files they selected from the previous modal. They can choose to remove one of those files by clicking on the “x” next to each file name.

  • The requestor must fill out all fields presented on the form. If they have never been approved for a request within the last year, they will be able to view the NDA you uploaded to your Page Settings in your Trust Center.

  • The requestor must check the box acknowledging they have read and accepted the terms outlined in your NDA. If they do not check the box, they cannot send a request.

  • Once a request is submitted, the email inputted in the Email Notifications in your Trust Center Settings for your Trust Center will receive the request.

  • In order to review the request, you can go to your email and click on View Request, which will redirect you to your Trust Center within Drata.

  • You can also directly review all your pending requests on the Drata Trust Center homepage.

  • In addition to the two methods above, you can directly review all your pending requests in the Trust Center Access & Requests page by pressing Manage Access on the Trust Center homepage.

  • After clicking Review, you will see the information on the request, including the time of the request, the NDA attached to the request, the requestor’s information and the files requested.

  • You can Deny the request at any time. The requestor will receive an email saying they have been denied access. The Past Requests table will be updated with the denied access for this request.

  • To approve a request, you can click Approve Access.

  • When you click on Approve, the Past Requests table will be updated with the approved access for this request.

  • The requestor will receive this email with a link to download their requested documents.

  • The Trust Center Admin email will also receive confirmation that a request was approved.

  • After a request has been reviewed, the details of the request can be found by clicking a request in the Past Request Table.

  • This will open a modal that includes the time of the request, the NDA attached to the request, the requestor’s information, the files requested, and the status of the request.

  • You can also search past requests by name organization or email address and filter past requests by status (access granted, access denied, NDA sent, NDA expired)

  • Notes for managing private access:

    • Approvals will last one full year by default – starting from when the admin clicks on Approve. This means if that requestor submits another request on your Trust Center, they will not need to check a box for an NDA. They will be automatically approved and will receive the selected files. After one year, that requestor has to re-submit a request and get approved.

    • Note: When you upload a new NDA, it will only be shown for future requests. All past and pending requests will have the previous NDA you uploaded.

    • Note: If you remove a file from your Trust Center or from Drata, any download link with that file will expire.

Did this answer your question?