Provisioning groups come into play if you have synced Virtru with your organization's Google Workspace (formerly G Suite). Once a domain is synced, by default, all users in that domain become licensed users. If you have purchased licenses for only a subset of your users, then you need to implement a provisioning group to maintain licensing compliance.
A "Licensed" user is any user that has the ability to send secure emails with one of the Virtru plugins or apps.
Configuring a Provisioning Group
Virtru customers can create a Google Group on their Google domain and only add their desired Virtru senders to that group. Follow the steps below to configure a provisioning group:
1. Create a Google Group on your domain with the group email addressed as "virtru-provisioning-group@[yourdomain.com]"
2. Add the users you want to license to this group. Those users will become the only users in your organization who can compose new encrypted messages. Everyone else in your domain will still be able to decrypt the messages that are sent to them, but they will be unable to create new encrypted emails, even if they have Virtru installed.
3. Sync with Virtru:
- If you have already synced with Virtru, you can perform a domain refresh
- If you have not synced with Virtru, you will want to install Virtru on the domain level.
Once complete, Virtru will automatically recognize the provisioning group and license users appropriately. Non-provisioned users will still appear in the Control Center and may appear as "Active", but they will have read-only access.
After creating the provisioning group, the list will need to be maintained into perpetuity. A "domain refresh" will need to be performed for any provisioning group changes to take effect in Virtru (or any other changes to groups and/or users).
User Experience and Impact
A provisioned user will not see any changes to their experience. However, non-provisioned users will see significant changes:
- User will have read-only access when using a plugin and will be able to decrypt encrypted emails
- User will NOT be able to create new encrypted emails or drafts
- User will NOT be able to reply to encrypted emails via the plugin, but can still use the Secure Reader to read and securely reply to messages.