Module ā User Guide
Overview
The Technicians module allows administrators to connect the platform to Microsoft 365 (O365) and import users who will act as security technicians.
These technicians are responsible for:
- Receiving security alert notifications generated by the SIEM.
- Managing and closing incident tickets directly in ConnectWise.
This module ensures that all users handling alerts are synchronized with Microsoft accounts, maintaining consistent access and accountability.
š Accessing the Module
- Log in to the main platform.
- From the left menu, select Technicians.
- The main page will display the Technicians List, showing all imported or manually added users.
š Interface Overview
Main Components
- + New ā Create a new technician manually.
- Refresh ā Reload the technician list to show recent changes.
- Delete ā Remove selected technicians.
- Sync Microsoft Users ā Connects to Microsoft 365 and imports available users.
Imported users will show a cloud icon under the Imported column.
š Technicians List
| Column | Description |
|---|---|
| Name | Technicianās full name. |
| Microsoft 365 account used for authentication and notifications. | |
| Phone | Technicianās phone number for SMS or voice alerts. |
| Username | Internal system username (can include multiple values). |
| Imported | Displays a cloud icon if imported from Microsoft 365. |
| Status | Technicianās current state (Active or Inactive). |
š Synchronizing with Microsoft 365
- Click Sync Microsoft Users.
- The system connects to your O365 tenant and retrieves user data.
- Select users you want to import as technicians.
- Imported users will appear in the list with the blue cloud icon.
š” Tip: Import only users responsible for handling SIEM alerts and ConnectWise tickets.
š¤ Adding or Editing a Technician
Click + New to add a new technician, or click an existing technicianās name to edit their details.
Technician Information Window
This form is used to manually register or update a technicianās information.
| Field | Description |
|---|---|
| Name* | Enter the technicianās full name. This field is required. |
| Email* | The technicianās email address (must be valid, preferably their Microsoft 365 address). |
| Phone* | The phone number used for SMS alerts, MFA, or automated voice calls. |
| Status | Defines whether the technician is Active (can receive alerts) or Inactive. |
| Usernames* | Add one or more usernames used across systems (for example, ConnectWise or Active Directory). Use commas to separate multiple values. |
| Optional (SMS Consent) | If checked, the user agrees to receive security and verification messages from SkoposGuard. Includes a link to the Privacy Policy and opt-out instructions. |
Buttons:
- Save ā Stores the new or updated technician information.
- List ā Returns to the Technicians List.
- + New ā Clears the form to register another technician.
šØ Integration with SIEM and ConnectWise
- Imported or manually added technicians are automatically linked to the SIEM.
- When a new alert is generated, the assigned technician:
- Receives an email, SMS, or voice alert (based on configuration).
- Can acknowledge or close the incident directly from the alert interface.
- When a ticket is closed in SkoposGuard, the system synchronizes the status back to ConnectWise.
š§¾ Notes and Best Practices
- Ensure that the Microsoft 365 credentials used have Directory.Read.All permissions to fetch users.
- Only assign āActiveā status to users currently on the security response team.
- Review the technician list regularly to remove old or inactive accounts.
- Keep phone numbers updated to avoid missed SMS or voice alerts.
- Use the Refresh button after syncing to confirm new entries are displayed.