Expert Advice Community

User profiles in Access Control Policy

Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

With regard to the Access Control Policy, do you recommend developing the user profiles in 3.2 and 3.3? Or would it be sufficient to describe generally the sorts of positions that get access to certain sorts of accounts?

ISO 27001 ACCESS CONTROL POLICY

Define the rules for access to various systems.

DejanK Jan 12, 2016

For instance, software engineers get access to production servers and related services as needed to perform their work.

Answer:

For very small companies it might be enough to define who has to access what based on their job titles, but if you have more than 20 employees it would become too difficult to define access rights by job title only - there will be too many different functions.

Therefore, if you're not a very small company I think it would make sense to develop at least one user profile that would be applicable to every employee (e.g. access to internal file server, email system, core application, etc.) and then you can define some privileges for particular employees as needed.
