Word of the Day: role-based access control (RBAC)

Word of the Day Daily updates on the latest technology terms | May 10, 2019 role-based access control (RBAC) Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise. RBAC lets employees have access rights only to the information they need to do their jobs and prevents them from accessing information that doesn't pertain to them. An employee's role in an organization determines the permissions that individual is granted and ensures that lower-level employees can't access sensitive information or perform high-level tasks. In the role-based access control data model, roles are based on several factors, including authorization, responsibility and job competency. As such, companies can designate whether a user is an end user, an administrator or a specialist user. In addition, access to computer resources can be limited to specific tasks, such as the ability to view, create or modify files. Limiting network access is important for organizations that have many workers, employ contractors or permit access to third parties, like customers and vendors, making it difficult to monitor network access effectively. Companies that depend on RBAC are better able to secure their sensitive data and critical applications. Benefits of RBAC There are a number of benefits to using RBAC to restrict unnecessary network access based on people's roles within an organization, including: Improving operational efficiency. With RBAC, companies can decrease the need for paperwork and password changes when they hire new employees or switch the roles of existing employees. RBAC lets organizations quickly add and change roles, as well as implement them across platforms, operating systems (OSes) and applications. It also cuts down on the potential for error when user permissions are being assigned. Additionally, with RBAC, companies can more easily integrate third-party users into their networks by giving them predefined roles. Enhancing compliance. Every organization must comply with local, state and federal regulations. Companies generally prefer to implement RBAC systems to meet the regulatory and statutory requirements for confidentiality and privacy because executives and IT departments can more effectively manage how the data is accessed and used. This is particularly important for financial institutions and healthcare companies that manage sensitive data. Giving administrators increased visibility. RBAC gives network administrators and managers more visibility and oversight into the business, while also guaranteeing that authorized users and guests on the system are only given access to what they need to do their jobs. Reducing costs. By not allowing user access to certain processes and applications, companies may conserve or more cost-effectively use resources, such as network bandwidth, memory and storage. Decreasing risk of breaches and data leakage. Implementing RBAC means restricting access to sensitive information, thus reducing the potential for data breaches or data leakage.   Continue reading... Quote of the Day "While the use of access groups is a great way to reduce the number of access policies that need to be created and maintained, many businesses lump too many users into a single group. The result is some users are granted access to applications and services they don't need." - Andrew Froehlich Trending Terms third party access control role mining mandatory access control access control list Microsoft Exchange RBAC Learning Center What are some of the top identity and access management risks? You may confront a variety of identity and access management risks when you decide to deploy the framework. But if you plan correctly, you can keep risk at a minimum. How to properly prep a container infrastructure The creation of a well-prepared container infrastructure begins with an understanding of application characteristics, use cases and the needs of developers. IT operations teams will also need to take into account how containerization will interact with infrastructure already in use. Kubernetes 1.8 goes GA with RBAC, but security work remains Kubernetes 1.8 delivers production-ready RBAC, but other security features are still in early stages of development. Develop an IAM strategy for the mobile enterprise As mobile devices create complications for the enterprise, the importance of having a strong IAM strategy rises. Evaluate current identity management technology and look toward the future with this comprehensive guide. The new role of identity and authentication in the enterprise Explore the new market for identity and authentication products. And, once you've made a buying decision, understand how to use them effectively. Quiz Yourself Due to a configuration problem, _____ email servers are down and users have no access. a. you're b. your Answer Stay in Touch For feedback about any of our definitions or to suggest a new definition, please contact me at: mrouse@techtarget.com Visit the Word of the Day Archives and catch up on what you've missed! FOLLOW US About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Whatis.com, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget, Whatis, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.