FGA (Fine Grained Access) is currently only applicable for segregating LEA’s into only being able to view their own data when it applies to Host Groups, Host Management, and Real Time Response (RTR). This means that LEA’s will still be able to view vulnerabilities, graphs, reports, etc. that contain information from across the entire CID. This level of access is subject to change as CrowdStrike refines FGA, but as it stands currently, FGA is limited.
For ISDs that would prefer to completely separate each LEA within CrowdStrike, the best solution for this is to purchase a child/sub CID of the ISD for the individual LEA. The same policies and configuration for the ISD/RESA CID will be set up within the LEA child CID by the Crowdstrike provisioning team.
If you have questions about purchasing a CID, please reach out to MiSecure at misecure@gomaisa.org
FGA works by limiting a user to only being able to access assigned Host Groups. Below will show you how to setup a Host Group and how to setup a user's account to have access to only that Host Group.