- How do you insure that only authorized users are accessing your sensitive data?
- How can you enable collaboration across organizational boundaries, quickly and easily?
- How do you prevent enterprise security needs from becoming an unwieldy monster?
Role Based Access Control (RBAC) simplifies administration of security policies in large and complex organizational structures, and minimizes organizational silos
So what exactly is RBAC? It’s a gate-keeper mechanism that determines who has what type of access to which objects.
For example, RBAC answers questions like "which service requests show up in Leah’s workspace?", "Can Jeremy dispatch a complaint request from the MRI Imaging dispatch queue folder?", or "Can VP’s from our North American Truck Division run reports on the European Piano Division?"
RBAC supports groupings that make it both easier to manage the security database, and enhance integrity. Namely:
- People can be assigned to Teams
- Privileges can be assigned to Roles
- Teams can be assigned to Roles
Without groupings, security management would become an unmanageable, unreliable nightmare in short order. In a situation where there are 1000 users, 100 folder hierarchies, and 30 privileges, we would have 3,000,000 entries to maintain.
With groupings, we simply define roles (collection of privileges) and teams (collection of users), and give them access over departments (or folder subtrees).