Remove User Access | OpsBlu Docs

Remove User Access

Remove user access in Simple Analytics — revoke permissions, deactivate accounts, and maintain security audit trails.

Use this procedure to revoke access when team members leave, contracts end, or permissions are no longer needed. Simple Analytics removes access immediately upon deletion.

Prerequisites

Before removing a user, verify:

  • You have Owner or Admin role permissions
  • The user's access is genuinely no longer needed (consider downgrading to Viewer instead of full removal)
  • You've exported any audit or compliance documentation that references this user
  • Any API keys or integrations created by this user have been identified and reassigned
  • You've documented the reason for removal (offboarding, contract end, role change, etc.)

Step-by-Step: Remove a Team Member

1. Access Team Management

  1. Log into Simple Analytics as an Owner or Admin
  2. Navigate to SettingsTeam
  3. Review the complete team list to locate the user to remove

2. Export Audit Trail (Critical First Step)

Before removing any user, capture the audit evidence:

  1. Take a screenshot of the Team page showing the user's current role and website access
  2. Note the user's email address, role, and which websites they could access
  3. Record the removal date and business justification
  4. Store this documentation in your IAM records or access control spreadsheet

This step is critical because Simple Analytics removes the user immediately and you lose the ability to reference their historical access.

3. Remove the User

  1. Find the user in the team list
  2. Click the Remove, Delete, or trash icon next to their name
  3. Confirm the removal when prompted (this action is immediate and cannot be undone)
  4. The user disappears from the team list instantly

4. Verify Access Revocation

  1. Confirm the user no longer appears in Settings → Team
  2. If possible, have the user attempt to log in to verify their access is denied
  3. Check that any shared dashboards or reports no longer include this user

After Removal: Additional Steps

Audit related access:

  • Review any API keys the user may have created or used
  • Check for any automated integrations or exports linked to their account
  • Verify that custom dashboards or reports they created are still accessible to remaining team members

Update documentation:

  • Record the removal date and reason in your access tracking system
  • Update any team contact lists or responsibility matrices
  • Note if the user's responsibilities transferred to another team member

Confirm no orphaned resources:

  • Simple Analytics typically maintains dashboards and configurations even after user removal
  • Verify critical configurations weren't solely managed by the removed user
  • Reassign ownership of any important custom setups

Common Removal Scenarios

Employee Offboarding

Situation: Full-time employee is leaving the organization.

Process:

  1. Coordinate removal with HR offboarding timeline (typically last day of employment)
  2. Export audit trail showing their role and access history
  3. Identify and document any tracking configurations or custom dashboards they created
  4. Remove user from Simple Analytics along with other system access
  5. Update team documentation to show their responsibilities transferred

Contractor or Consultant Engagement Ends

Situation: Fixed-term contract has concluded.

Process:

  1. Verify contract end date has passed or project deliverables are complete
  2. Export final reports or dashboards the contractor created for handoff
  3. Document which websites they accessed and what analysis they performed
  4. Remove access on contract end date
  5. Update stakeholder list to remove contractor contact information

Client No Longer Requires Dashboard Access

Situation: Client relationship has ended or client no longer wants their own login.

Process:

  1. Confirm with client that they no longer need access (put request in writing)
  2. Export any final reports they may need for their records
  3. Document the client's request to revoke access
  4. Remove their Viewer account
  5. Update client engagement records to note analytics access was terminated

Role Change Requires Different Access

Situation: Team member moves to a different department or role.

Process:

  1. Determine if they need different access (consider using Update Access instead of full removal)
  2. If they still need some analytics access, downgrade to Viewer rather than removing
  3. If they need no access, proceed with full removal
  4. Document the role change as the business justification
  5. Update organizational charts and access matrices

Alternative to Full Removal: Downgrade to Viewer

Before completely removing a user, consider whether downgrading their access is more appropriate:

When to downgrade instead of remove:

  • User may need occasional read-only access to data
  • Maintaining account provides continuity for historical audit trails
  • User is moving to a role that still touches analytics occasionally
  • Removing would complicate future access if needs change

How to downgrade:

  1. Use the Update Access procedure instead
  2. Change role from Admin to Viewer
  3. Limit website access to only essential properties
  4. Document the downgrade and its justification

Troubleshooting Removal Issues

Cannot Find User to Remove

Symptoms: The user you want to remove doesn't appear in the team list.

Solutions:

  1. Verify you're looking at the correct Simple Analytics account (if you manage multiple)
  2. Check if user was already removed by another admin
  3. Confirm the user actually had an account (they may have been sent an invitation that was never accepted)
  4. Review deleted/removed users if Simple Analytics provides that history

User Can Still Access After Removal

Symptoms: User reports they can still log into Simple Analytics after you removed them.

Solutions:

  1. Verify you removed the correct user (check email address carefully)
  2. Confirm the removal saved (check team list to ensure they're truly gone)
  3. Ask user to log out completely and attempt to log in again
  4. Clear browser cache or try incognito/private browsing mode
  5. Verify there isn't a second account with a different email address
  6. Contact Simple Analytics support if access persists after these steps

Need to Restore Accidentally Removed User

Symptoms: You removed the wrong user or removed someone who still needs access.

Solutions:

  1. Simple Analytics typically doesn't have an "undo" for removals
  2. Re-invite the user following the Add User Access procedure
  3. Reconfigure their role and website access to match what they had before
  4. Document the accidental removal and restoration in your audit trail
  5. Consider implementing a confirmation step in your removal process to prevent future accidents

User Removal Affects Shared Resources

Symptoms: After removing a user, certain dashboards or configurations are no longer accessible.

Solutions:

  1. Simple Analytics generally maintains resources created by removed users, but verify
  2. If resources disappeared, check with Simple Analytics support about restoration
  3. For future prevention, ensure critical configurations are documented and not dependent on any single user
  4. Consider having multiple admins who understand critical setups

Security Best Practices for Access Removal

Timely revocation:

  • Remove access on the user's last day of employment or contract end date, not days later
  • For high-privilege Admin accounts, consider immediate removal upon departure notice

Comprehensive offboarding:

  • Include Simple Analytics removal in broader offboarding checklists
  • Coordinate with HR, IT, and project managers to ensure all systems are covered
  • Verify removal is complete before closing offboarding tickets

Audit trail maintenance:

  • Always export and save evidence before removing users
  • Document who requested the removal and why
  • Maintain records for your organization's retention period (often 7 years for compliance)

Regular access reviews:

  • Conduct quarterly reviews of all team members with access
  • Remove stale accounts from contractors whose engagements ended
  • Challenge accounts that haven't logged in recently

Emergency removal procedures:

  • Establish a process for immediate access revocation in security incident scenarios
  • Ensure multiple admins can remove access (don't rely on a single person)
  • Document emergency removal in incident response procedures

Compliance Documentation

When removing users, maintain these records:

  • Pre-removal snapshot: Screenshot of user's role, email, and website access
  • Removal date and time: When access was revoked
  • Business justification: Why access was removed (offboarding, contract end, etc.)
  • Requestor information: Who requested the removal
  • Verification: Confirmation that access was successfully revoked
  • Related actions: Any API key rotations, responsibility transfers, or configuration updates performed alongside the removal

Store these records according to your organization's compliance requirements. For regulated industries (finance, healthcare, etc.), access removal documentation may be required for audits.

Nach oben