Role Development

Manual Role Development is a complex problem. Your IT department struggles with delivering the service quickly because the process of handling requests and manually adding users to each resource and application is time consuming.  It’s a daily challenge to provision new users with the right systems and applications across the globe. In addition you have the ongoing changes and de-provisioning of users as they leave the organization.  Tracking requests for change is often paper driven, error prone, and can be costly to maintain and audit.  Depending upon the size of your organization, the challenge expands to include partners, vendors, suppliers, customers and so on.  Each of these users has unique identities that must be managed to assure audit compliance with multiple regulatory bodies.

Also it requires you to choose the right model of access control that suits your organization’s security policy.  The selection of a model is influenced by regulations, and also by the type of resource protection you choose. There are three main models, Role Based Access Control, Discretionary Access Control, and Mandatory Access Control:

Role Based Access Control (RBAC)

Role Based Access Control (RBAC), as its name suggests, is the granting of access privileges to a user based upon the work they perform within an organization.  A user can be assigned to a single or multiple roles either automatically or manually. The membership to each role grants access to specific resources.

Discretionary Access Control (DAC)

Within the DAC model the owner of a resource decides on whether to allow a specific person access to their resource. This system is common in distributed environments that have evolved from smaller operations into larger ones. When it is well managed, it can provide adequate access control, but it is very dependent upon the resource owner understanding how to implement the security policies of the organization, and of all the models, it is most like to be subject to management by mood.

Mandatory Access control (MAC)

The mandatory access control (MAC) model is where the resources are grouped and marked according to a sensitivity model. This model is most commonly found in military or government environments. One example would be the markings of Unclassified, Restricted, Confidential, Secret, and Top Secret.  User’s privileges to view certain resources will be dependent upon that individual’s clearance level.

intiGrow’s Role Development Methodology allows you to automate the lifecycle of user provisioning, user changes and user de-provisioning.  It enables your IT department and the business managers to quickly provision users with the right systems and applications. Ensuring that authorized people have access to the correct resources. intiGrow’s Role Development Methodology provides a good system for tracking of leavers, joiners, and job changes.  In addition it will deliver the audit trail of who has accessed what resources.