Quorum Policies
Data Protection on Demand (DPoD)
Overview
Quorum is an authorization policy that requires approval from multiple stakeholders before critical operations (e.g., deleting a service instance) can proceed. This prevents accidental or malicious actions by enforcing multi-party consent.
Note
This feature is released as a tech preview and may not be available in all DPOD tenants. To have this feature enabled in your tenant please contact dpondemand@thalesgroup.com
Key features:
-
Pre-approval or Revocable Authorization:
-
Time-limited, single-use: Requires approval before an operation (e.g., for irreversible actions).
-
Approved until revoked: Authorization remains active until manually revoked.
-
-
Audit Logs: All quorum actions are recorded for transparency.
-
Notifications: Email alerts keep stakeholders informed at every stage.
Enabling a Policy
Initially, all policies are disabled, and enabling a policy does not require a quorum. Once enabled, a policy cannot be disabled or edited. Any changes, including editing and disabling, will require a support ticket.
Supported Policies
The following platform policies are available for subscriber tenants (not service providers):
| Policy Name | Description |
|---|---|
| Delete Service | Prevents accidental or malicious deletion of service instances. (excludes third party marketplace services) |
Roles and Permissions
Policy Management
Administrators may:
-
Enable quorum policies for the tenant.
-
Set the minimum number of approvers when enabling a policy.
Members of the Approval Group may:
-
Vote on quorum requests.
-
Re-vote (change their vote) until the quorum is approved or rejected.
-
Cancel a quorum request if they are the request creator.
Procedures
Requesting a Quorum
When Quorum is enabled for service deletion, users attempting to delete a service without approval will be presented with a Create Quorum Request dialog to select an Operation Validity Period and provide an optional note.
Note
For time-Limited quorums expiry is fixed at 72 hours and is not user-configurable.
If Set Time Period is selected:
-
Specify a start and end time for the period in which the approval can be used to perform the operation.
-
(Optional) Add a comment explaining the reason for the request.
-
Click Request
If Until Revoked is selected:
-
(Optional) Add a comment explaining the reason for the request.
-
Click Request.
In both cases, once approved:
-
You will receive a notification email informing you that the quorum has been achieved.
-
You can then manually proceed with deleting the service.
Canceling or Revoking a Quorum Request
To cancel a quorum request before it is approved:
-
Navigate to the Quorum Requests section under your user profile.
-
Locate the quorum request you want to cancel.
-
Click the Cancel or Revoke button as applicable.
Voting on a Quorum Request
Quorum requestors implicitly vote for their request. To vote on a quorum request:
-
You will receive an email notification when a quorum request requires your vote.
-
Navigate to the Quorum Requests section under your user profile.
-
Locate the quorum request that requires your vote.
-
Review the request details and any comments provided.
-
Click either Approve or Reject.
-
(Optional) Add a comment explaining your vote.
-
Click either Approve or Reject.
Notifications
Emails are sent to stakeholders at key events:
| Event | Recipients | Purpose |
|---|---|---|
| Quorum requested | Requestor and all approvers | Inform about the request details. |
| Quorum approved | Requestor | Notify that the quorum is achieved and the user can proceed with the operation. |
| Quorum rejected | Requestor and all approvers | Notify of rejection and reason (if provided). |
| Quorum expired | Requestor | Alert that the quorum expired without action. |
| Quorum revoked/closed | Requestor | Confirm revocation or closure. |
Audit Logs
All quorum-related actions are logged for accountability:
| Action | Details Captured |
|---|---|
| Policy enabled/disabled | Policy name, admin, timestamp. |
| Quorum requested | Requestor, operation, comment. |
| Vote cast/changed | Voter, vote (approve/reject), timestamp. |
| Quorum canceled | Canceled by, timestamp. |
| Quorum approved/rejected | Result, timestamps, voter details. |
| Quorum expired/revoked | Timestamp, requestor. |
For more audit logging information please refer to the Audit Logging section.
