Roles a simple key control

Designating roles within a network is a simple control that most companies do not consider. Roles have clear benefits and the allocation of roles allows for the streamlining of the organisation while having large impact on ISO and general structure.

Roles

In the context of the article roles are restrictions and rights given to a role title in a network. An example of this would be finance in the network this role would need access to areas and information a production role would not.

Benefits of roles rights

Roles allows the access of specific documentations to be more easily monitored and viewed over. This allows a incident to be tracked easily as a list of users with access will be readily available. Limiting the damage a individual can do with limited access and having less customer data at risk due to less access lowers inherent risk.

More benefits

Onboarding of staff is easily done as this allows a form of checklist to be made for access for that role. As these are predefined a individual with a role will be associated with certain rights. This means when someone leaves for example in finance a checklist of what needs removing in assets and access is readily available.

Adjustments

If a user or group needs more or less access rights can easily be taken away or given meaning less downtime or issues occur. If an account or collection of accounts are compromised sweeping access restrictions are easier to put in place without hampering limited operations. Allowing quarantine of sections of the company quickly can reduce the harm an attacker does.

Summary

Access rights alongside roles and responsibilities’ are areas that influence roles and benefit from groups being created. Being able to disclose and know what groups are able to access information but also applying defined specifics outside of information security can help.

Our page on 27001 is available here.

Share This Post:

Facebook
Twitter
LinkedIn
Pinterest
Email
WhatsApp
Alex Cunningham
Alex Cunningham
Alex is an information governance graduate, his main role is to support clients on how to help mitigate information security risks. Having recently graduated with a degree in Cyber Security with a focus on user-based security issues and risks. Alex enjoys playing video games, watching movies and going outside to visit new places with his dog Ruby.
What our clients say:
Subscribe to our newsletter

Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.

Promotion nulla vitae elit libero a pharetra augue
Subscribe to our newsletter

Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.

Promotion nulla vitae elit libero a pharetra augue