Within any enterprise application you have numerous roles, possibilities, rights and restrictions. In every scenario, some users have more rights than they need and vice versa. Effective role management within enterprise applications such as Documentum and Office 365 is essential, not only for the proper assignment and control of user access rights, but also to make sure that everything is in accordance with your company’s data policy and the country’s legal rules around data protection (e.g. the EU’s GDPR).
The age-old expression ‘Knowledge is power’ applies to this very subject. Whether you are an IT engineer with access to an HRM application or the head of a department with access to an ECM application, you usually get full access to all the information the application contains. You could ask yourself: ‘Do I need access to this (part of the) application to do my job?’ Very often employees obtained access in the past because they needed specific bits of information to do their job, but after the job is finished and the information is no longer needed, access is not withdrawn.
Reassessing who needs which information, and making sure that access is withdrawn after the job is done, is of great importance. Neglecting this is seen as a massive risk to your data protection and in many data compliance policies. If your user management is not up to date, knowledge about employees, processes and project results, and further insight into the company you work for, is available to employees who (most likely) don’t need it, regardless of their role or whether they are external or internal. This way, you set out a company structure of a Kingdom of Kings: they all have access to valuable and sensitive information.
When systems are designed, the users’ access control lists are composed and developed to set out role-based access control (RBAC). Often enough this RBAC is not maintained or updated frequently, drowning your application in ghost users and users who shouldn’t be in your user list.
Specific processes and tools that are necessary for effective role management consist of role mining and specific role design, role recertification, and access recertification. These should be audited frequently to keep your access lists up to date.
Extra work and constant maintenance for an application are a nightmare for any system administrator and for the business using the application. That’s why it is crucial to use a loop to keep your RBAC up to date, ensuring that roles are periodically updated based on current business requirements. These requirements can change over time, as we see in reorganizations, mergers and acquisitions that affect a specific employee, a department or even an entire company.
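One pass of such a recertification loop, as an added example that is not code from Documentum, Office 365 or the author. The roster, role design, grants, field layout and 90-day review interval are all constructed assumptions.

```python
from datetime import date, timedelta

RECERT_INTERVAL = timedelta(days=90)  # assumed review cycle, not from the article

# Constructed HR roster: user -> current department
ROSTER = {"alice": "HR", "bob": "IT", "carol": "Finance", "erin": "Sales"}

# Constructed role design: role -> departments that may hold it
ROLE_DEPARTMENTS = {
    "hrm_reader": {"HR"},
    "hrm_admin": {"HR", "IT"},
    "ecm_editor": {"Finance", "Sales"},
}

# Constructed grants: (user, role, needed_until, last_certified)
GRANTS = [
    ("alice", "hrm_reader", None, date(2024, 5, 1)),
    ("bob", "hrm_admin", date(2024, 3, 31), date(2024, 4, 15)),
    ("dave", "ecm_editor", None, date(2024, 5, 20)),
    ("carol", "ecm_editor", None, date(2023, 11, 1)),
    ("erin", "hrm_reader", None, date(2024, 5, 10)),
]

def recertify(grants, roster, role_departments, today):
    """Return (user, role, reason) for every grant that should be reviewed."""
    findings = []
    for user, role, needed_until, last_certified in grants:
        dept = roster.get(user)
        if dept is None:
            reason = "ghost user: not on roster"
        elif needed_until is not None and needed_until < today:
            reason = "job finished: access not withdrawn"
        elif dept not in role_departments.get(role, set()):
            reason = "role does not fit current department"
        elif today - last_certified > RECERT_INTERVAL:
            reason = "recertification overdue"
        else:
            continue  # grant is still justified and recently certified
        findings.append((user, role, reason))
    return findings
```
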
A development in your business should not become a pitfall in your user management and create a possible data protection risk. Both Documentum (xCP) and Office 365 (Azure) offer RBAC solutions to ensure that this risk is minimized. Still, this raises the question: ‘How does one software solution connect to the other?’ without letting a user get too much power.
Artificial intelligence has come a long way in helping to get your RBAC in order across all of your users. A change in an employee’s position can initiate a process that amends the user’s access to fit the new role, not just within a single application but throughout the entire application suite that the user works with. Blockchain technology has mainly been associated with financial transactions but can be included within an ECM environment as well. A blockchain is a continuous list of records that are linked through cryptography. The records, referred to as ‘blocks’, all correspond to a distributed ledger that keeps the transactions up to date. Every block contains a timestamp and transaction data, locking the content and preventing unauthorized modification. Blockchain can ensure that the user management of your application suite is secure and always up to date. This helps you to avoid the creation of a ‘kingdom of kings’ and makes sure your user management is in accordance with your business’s and your governing country’s data compliance.
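The linked-record idea applied to access changes, as an added example that is not code from the article or from any product it names. It is a single-node hash chain rather than a distributed ledger, and the block fields, transaction format and sample events are constructed assumptions.

```python
import hashlib, json

GENESIS = "0" * 64  # placeholder "previous hash" for the first block

def block_hash(block):
    # Hash covers index, timestamp, transaction data and the previous hash.
    body = {k: block[k] for k in ("index", "timestamp", "tx", "prev")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def append(chain, timestamp, tx):
    prev = chain[-1]["hash"] if chain else GENESIS
    block = {"index": len(chain), "timestamp": timestamp, "tx": tx, "prev": prev}
    block["hash"] = block_hash(block)
    chain.append(block)
    return block

def verify(chain):
    """Return the index of the first inconsistent block, or None if intact."""
    prev = GENESIS
    for i, b in enumerate(chain):
        if b["index"] != i or b["prev"] != prev or b["hash"] != block_hash(b):
            return i
        prev = b["hash"]
    return None

def current_access(chain):
    """Replay grant/revoke transactions to get the effective (user, role) set."""
    access = set()
    for b in chain:
        pair = (b["tx"]["user"], b["tx"]["role"])
        if b["tx"]["action"] == "grant":
            access.add(pair)
        elif b["tx"]["action"] == "revoke":
            access.discard(pair)
    return access

def build_sample():
    # Constructed events: bob's admin access is granted, then withdrawn.
    chain = []
    append(chain, "2024-01-10T09:00:00Z", {"action": "grant", "user": "bob", "role": "hrm_admin"})
    append(chain, "2024-03-31T17:00:00Z", {"action": "revoke", "user": "bob", "role": "hrm_admin"})
    append(chain, "2024-04-02T08:30:00Z", {"action": "grant", "user": "alice", "role": "ecm_reader"})
    return chain
```

Editing a stored revoke back into a grant makes `verify` report that block, and recomputing its hash only moves the failure to the next block. The protection depends on the latest hash being held by parties the editor cannot also rewrite, which is the role of the distributed ledger.
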
Ed is manager of Business Solutions at Informed Group and in that role is part of the Management Team.
He is also a member of the Leadership Team, the technical think tank of Informed Group. In addition, Ed is a highly valued member of the AIIM Leadership Council.