By default, all customer accounts are created with a single, self-contained Mimecast account. However, organizations with more complex requirements (e.g. different geographical regions) can have more than one account linked to a master account. The Advanced / Federated Account Administration Console acts as an overarching view of all these accounts.
Administrators can use 2-Step Authentication to log into their Advanced / Federated Account Administration master account.
- Link multiple Mimecast accounts to one overall master account. The only limitation is that all the accounts must be hosted on the same Mimecast grid.
- Centralize domain management and policy administration.
- Group accounts to create a hierarchy.
- Administer several Mimecast accounts, and allocate permissions to regional administrators.
- Ensure policies from group / corporate accounts replicate down to regional / divisional accounts. See the Policy Inheritance page for full details.
- Apply different message retention policies based on users and groups, to meet commercial and regulatory requirements and control costs.
Advanced / Federated Account Management Differences
The differences between advanced or federated account management are provided below:
|Account Type||Description||Use Cases|
|Federated Account Administration||The following optional features are supported:||This is useful for:|
|Example: An organization has four agencies, each with their own unique email domain. A global IT Manager controls specific inheritable policies for the agencies via a master or group account. Each agency's IT managers only have control over their Mimecast account.|
|Advanced Account Administration||In addition to the features included with Federated Account Administration, Advanced Account Administration also supports domain sharing across multiple Mimecast accounts.||This is useful for large organizations that share the same domain name, but wish to segregate and / or partly or fully federate administrator access and policy configuration.|
|Example: An organization has offices in 15 countries. These regional offices all utilize the same domain name, but the global IT Administrator wants to segregate administrator access per region, whilst providing specific inheritable global policies next to specific policies set by the regional administrators.|