Users can now be added to multiple roles within Secure and Govern. Secure and Govern RBAC is an additive model, so a user’s effective permissions are the sum of their role assignments.
In cases where a user has multiple roles, an administrator should configure how RBAC is applied, so any conflicts between roles are addressed and a user does not end up with more permissions than intended. This is one way that organizations can ensure separation of duties.
Roles based access (RBAC) allows Admins to restrict access and delegate specific responsibilities to other users. You can create distinct roles to allocate responsibilities among your users. For example, you might want only your legal team the ability to view the sensitive content in an unredacted form within your repository, which you can now accomplish by creating a separate role for them.
Predefined Default Roles
Our solution supports three predefined default roles: Admin Role, Data Owner Role, and Basic User Role. These are the most commonly used roles in most of the organizations. The permissions of these roles have been predefined and can be directly assigned to individual users. Admin Role will have all the privileges and permissions for the entire system. Data Owner and Basic User Roles will have the ability to log into Secure & Govern but very limited system access.
For more information on Data Owner restricted view option see Data Owner - Restricted Views in Secure & Govern.
Custom Roles
With Custom Role, administrators can grant precise privileges based on each user's responsibilities and business needs.
Create a new Role
- Navigate to the Settings, then click on User Management and click on the Roles tab.
- Click the 'Add Role' button.
- Select the abilities that you want to provide to the role and then click the "Save Role" button to save the role.
- You can also Edit, View, or Delete the Role.
Assign User to a Role
Using Users Tab
- Navigate to the Settings, then click on User Management and click on the Users tab.
- Click the 'Add User' button.
- Enter the details about the user and then assign the "Role(s)" by selecting from the list of options.
- Click on "Add" to create the User with the desired Role.
Using Roles Tab
- Navigate to the Settings, then click on User Management and click on the Roles tab.
- Click the 'Edit role' option for the desired user role
- Got to the "Users with this role" tab
- Select the "Add user to role" button
- Enter a user name or email address in the "Add a new user" window
- Select the "Add" button
Reviewing User Role Assignments & Effective Permissions
- Navigate to the Settings, then click on User Management and click on the Users tab.
- Click the ">" (arrow) to the right of the desired user
- Users detail window appears.
- From here, you can review the user's role assignments. You can also remove a role assignment by selecting the "trash can" symbol found to the right of the role.
- Select "Show effective permissions" to review a users full system permissions
