Roles and permissions definition | A brief guide

Published by Alex Olivier on October 22, 2023

When discussing software access, the terms “roles” and “permissions” refer to a framework used to describe each user and determine who has access to which digital resources. Roles and permissions also determine the types of action a user can perform on those resources. For example, some users will have “read only” permissions while others will have editing or other permissions, depending on their role. Let’s take a closer look at both of these terms and how they shape activity around digital assets.

Defining roles and permissions

Roles and permissions enable administrators to establish an access hierarchy among users. Here’s how it works:

Roles

When it comes to managing and accessing digital assets, common roles include “admin”, “editor”, “moderator” and “viewer”. Each of these roles is then assigned a set of permissions. For example, the admin will typically have complete access to data and system features and be able to change system settings. An editor, by contrast, may be able to edit specific documents but is unable to effect any system-wide changes.

Permissions

Once roles have been established, permissions are assigned which specify what actions are associated with a given role. Typical permissions include reading, editing, creating or deleting data. Other permissions include the ability to manage users and configure settings. In most cases, permissions are tied to specific digital resources such as folders, files, database records and more.

Advantages of implementing roles and permissions

By creating roles and then assigning role-specific permissions, the system prevents unauthorized and unqualified individuals from wreaking havoc with important company data, or from violating SOC 2 and ISO 27001 requirements regarding the handling of that data.

There are several advantages to implementing the roles and permissions model, including:

  • Proactive security: Rather than chasing down violations after the fact, the roles and permissions model enables you to prevent unauthorized actions before they can occur.
  • Scalability: As the company or organization grows, you can add new roles and modify permissions quickly and easily. Any modification made to a role is immediately applied to everyone assigned that role.
  • Clear audit trail: The roles and permissions model produces a clear audit trail that can be used to ensure accountability.
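The model described above, as an added example that is not part of the original post or of any Cerbos product code: a deny-by-default check that maps the article's four example roles to (resource kind, action) permissions, records every decision for an audit trail, and shows that changing a role's permission set takes effect for every user holding that role. Role names, permissions and users are constructed for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional

# Constructed role -> permission map using the article's example roles.
# A permission is a (resource kind, action) pair; anything not listed is denied.
ROLE_PERMISSIONS = {
    "admin": {("document", "read"), ("document", "edit"), ("document", "create"),
              ("document", "delete"), ("user", "manage"), ("settings", "configure")},
    "editor": {("document", "read"), ("document", "edit"), ("document", "create")},
    "moderator": {("document", "read"), ("document", "delete")},
    "viewer": {("document", "read")},
}


@dataclass(frozen=True)
class AuditEntry:
    user: str
    resource: str        # "<kind>:<id>" of the resource the action targeted
    action: str
    allowed: bool
    via_role: Optional[str]  # the role that granted access; None when denied


def check_access(user: str, roles: List[str], resource_kind: str,
                 resource_id: str, action: str, audit_log: List[AuditEntry]) -> bool:
    """Deny-by-default check: allowed only if one of the user's roles grants
    (resource_kind, action). Unknown roles grant nothing. Every decision,
    allow or deny, is appended to audit_log so it can be reviewed later."""
    granting_role = None
    for role in roles:
        if (resource_kind, action) in ROLE_PERMISSIONS.get(role, set()):
            granting_role = role
            break
    allowed = granting_role is not None
    audit_log.append(AuditEntry(user, f"{resource_kind}:{resource_id}",
                                action, allowed, granting_role))
    return allowed


def grant_to_role(role: str, resource_kind: str, action: str) -> None:
    """Modify a role's permission set; every user assigned that role is affected at once."""
    ROLE_PERMISSIONS.setdefault(role, set()).add((resource_kind, action))


if __name__ == "__main__":
    log: List[AuditEntry] = []
    check_access("alice", ["editor"], "document", "42", "edit", log)               # allowed
    check_access("alice", ["editor"], "settings", "global", "configure", log)      # denied
    check_access("bob", ["viewer", "moderator"], "document", "42", "delete", log)  # via moderator
    check_access("eve", ["guest"], "document", "42", "read", log)                  # unknown role
    for entry in log:
        print(entry)
```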