Skip to main content

Role Based Access Control (RBAC)

  • Updated

Our new Role Based Access Control wants to give you a more clearly structured role management and the possibility to assign services to specific persons without running the risk of assigning unnecessary rights and can thus better ensure data protection.

 

High-level Overview

We would like to introduce a more robust and intuitive role management inside the Control Panel. This focuses on implementation of service specific roles. One user with assigned admin role can have access to multiple products, which allows a more granular access management. Additionally, we renamed the current "Admin" role to "Global Admin", which will inherit the current Admin permissions.

 

Selection of global roles:

 

Selection of product roles:

 

Global Admin

  • Current admin role (Full access to everything)
  • Assign or revoke the Global Admin role to other users (Only Global Admins can perform this action).
  • Assign or revoke product-specific admin roles to users, defining the specific Products for each assignment.
  • Assign or revoke other Control Panel roles (individual roles, service desk, SAS Group admin)
    (Only Global Admins are permitted to assign these Control Panel roles).

 

Product-specific Admins

  • An administrator whose permissions are equivalent to a Global Admin but strictly limited to one or more products in Control Panel.
  • Can only view and manage sections, data, users, and settings pertaining to the products explicitly assigned to them by a Global Admin or service-specific admin with the same set of permissions.
  • Can have multiple products or services assigned
  • Assign or revoke the same product-specific admin role for the exact same product list they possess to other users. This allows delegation of responsibility. 

 

Product roles 

  • DMARC Manager
  • Total Backup
  • VM Backup
  • Email Security
  • Signature & Disclaimer → Will replace the current marketing role
  • Reporting → Will replace the current reporting role
  • Security Awareness → Will replace the current security_awareness role
  • Permission Manager
  • AI Recipient Validation
  • Teams Protection
  • Tenant Manager (Only for Partners)
  • Business Manager (Only for Partners)

 

MFA enforcement

We would also enable the “Enforce multi-factor authentication for administrators” function, which forces the use of MFA for all admins, Global or product-specific admins.

Related articles

Articles in this section
See more