forked from muddledsignal/class
Login & Auth
Matthew McQuain edited this page Jan 11, 2019 · 1 revision
- Role-based access control (RBAC) restricts network access based on someone's role in the organization.
- Commonly used for access control, and only gives access to information relevant to the person's job duties.
- Keeps sensitive data away from people that don't need it.
- Management role scope: limits what objects the role group is allowed to manage.
- Management role group: ability to add/remove people.
- Management role: tasks that can be done by a specific role within the group.
- Management role assignment: links a role to a role group.
- Managing network access is super important for info sec, and should be done on a need-to-know basis.
- We can reduce the total amount of administrative work and IT support needed to deal with the hiring/firing of people. Just add/remove people from role groups.
- RBAC helps us streamline and maximize operational efficiency, allowing people to do their jobs more efficiently and with less interruption.
- RBAC allows companies to manage regulatory requirements for privacy and such in IT departments.
- We can better manage how data is being accessed and used.
- We need to take a few things into consideration when implementing RBAC.
- Current Status: We need to create a list of all the software/hardware/applications that use some type of security (passwords, etc.). We need to know who has access to all of those devices.
- Current Roles: We need to figure out who needs access to what, and why.
- Write Policy: We need to document any changes that are made to our policies so that employees know what's expected of them.
- Make Changes: After we get the list of what we have, what we need, and who needs what, we can implement our changes.
- Continually Adapt: As with all things in the tech industry, things will need to be changed/tweaked as roles change.
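
The four management pieces listed above (role, role group, role assignment, scope) can be modelled in a few lines to show why hiring and firing reduce to adding or removing people from role groups. This is an added example, not part of the original notes; the class names, users, tasks and account IDs are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class ManagementRole:
    """Management role: the tasks this role is allowed to perform."""
    name: str
    tasks: frozenset

@dataclass(frozen=True)
class ManagementScope:
    """Management role scope: the objects the role group may manage."""
    name: str
    objects: frozenset

@dataclass
class RoleGroup:
    """Management role group: people are added to or removed from it."""
    name: str
    members: set = field(default_factory=set)

@dataclass
class RoleAssignment:
    """Management role assignment: links a role to a role group, within a scope."""
    role: ManagementRole
    group: RoleGroup
    scope: ManagementScope

def is_allowed(assignments, user, task, obj):
    """Deny by default: allow only if one assignment covers user, task and object."""
    return any(
        user in a.group.members and task in a.role.tasks and obj in a.scope.objects
        for a in assignments
    )

def effective_access(assignments, user):
    """Audit helper: every (task, object) pair a user currently holds."""
    return sorted({
        (task, obj)
        for a in assignments if user in a.group.members
        for task in a.role.tasks
        for obj in a.scope.objects
    })

# Constructed sample data (hypothetical names and IDs, not from the page).
reset_pw = ManagementRole("Reset Passwords", frozenset({"reset_password"}))
sea_scope = ManagementScope("Seattle accounts", frozenset({"acct:sea-001", "acct:sea-002"}))
helpdesk = RoleGroup("Help Desk", {"alice"})
ASSIGNMENTS = [RoleAssignment(reset_pw, helpdesk, sea_scope)]
```

Permissions are never attached to a person directly, so `effective_access` doubles as the "who has access to what" inventory from the Current Status step.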