Role-based Access Control: Keeping Your Business Out of Harm’s Way

April 19, 2017

When our baby first started crawling, we installed gates in all the doorways.  This kept her in safe, baby proofed areas.  We didn’t have to worry about her accidently wandering into a room and getting into something that could harm her.  It also allowed us to keep some things “nice” that a toddler would normally want to “play” with.


Controlling Access for Security Best Practices

But, what does this have to do with role-based access control (RBAC)?  Well everything.  As she grows and gains more skills, we adjust her access to the house.  It might be low tech, but it is real life role-based access control.

As a consultant, I’m constantly surprised by how many environments still do not implement access control best practices. They might have one or two controls (baby gates) set up, but these controls are still too permissive for the number of employees that exist within the environment.

If you put a gate on one door to a room, but don’t do anything about the other door, then the room remains unprotected. The whole idea behind setting up access controls is to ensure that your corporate data is not just protected, but that your employees are too.

Keeping Up with Baby’s (and Your Business) Growth

As our daughter moved to toddler stage and started to walk, we installed more gates in certain areas (stairs) but took down others, like between the living room and playroom. This allowed her to expand her exploration area while keeping her from harm. As she continues to grow, we will continue to adjust her areas of free exploration until she can roam the house safely without all the gates.

The need to protect core business functions is not new, but the landscape has changed. Employees are moving further from the corporate campus and using more mobile technology. This creates challenges in maintaining privacy and confidentiality.


Part of my daily job is to help customers set up these controls. It used to be as simple as setting up RBAC or a firewall because that was all you needed, but our security needs have grown with our technology needs. RBAC and firewalls protect one door into your environment, but what about all the others?  If you have mobile devices, a cloud environment, or apps, these are other doors into your network that need protecting.

Lately I have been spending a lot of time assisting customers in setting up cloud roles, implementing multi-factor authentication, mac management, privilege access management and privilege session management.

Setting up controls can seem daunting, but these are simply growing pains. Growing pains that can easily be worked through to achieve great security against potential attacks and reduce the risk of costly breaches.

Learn more about Role-based access and how it makes least privilege access easy here

This is written by the individual author in his/her personal capacity, and the opinions, views and/or thoughts expressed herein are solely the author’s own. They are not intended to and may not necessarily reflect the official policy or position, or the opinions or views of ThycoticCentrify or its affiliates, employees, or any other group or individual.