Blog for the love of learningLearn Quickly - implement immediately

Sailpoint Online Training
RBAC (Role Based Access Control)


  • Role as you know is what you do or your function in an organization. In Role-Based Access Control, you are given rights for being able to access different resources (Files, systems, logins or servers), those are allowed to be access for the role you hold in the organization. Here the access is not associated with that particular user but it is associated with a particular Role, once they get one or more roles, based on those roles give them access to various systems.

    For example, a Project manager may have access to all the files, the developers or people doing QA may access different files and systems. Payroll manager and HR function may be able to look at files that have people’s salaries and so on.

    So RBAC, is not to have direct access rights for users but that the Users must be activated into one or more roles. And So an enterprise gives access based on job function or role of a given user.
    Access rights is associated with roles so users when authenticated allows users into particular systems. Role activation is something else that has to be added to this process.

    An organization defines policy has two steps:
    - activating a role for a user
    - based on that deciding what the user can access.

    These are benefits to have role-based access controls in organizations:
    a. Companies policy defines, what roles have kind of access for resources in the system, So the policy doesn't need to change when a certain person leaves the organization.
    b.When a new employee joins And as soon as we decide their role, based on their function and what resources they should have access to automatically happens, because that role, along with it has had an access right to various resources.
    Always Remember, least privilege, is one of the design principles, that should always execute with the least number of privileges or access rights.

    Roles sort of give you this ability to control, if you're in a certain role at a given time only the resources needed for that role should be available at that point, and this can be done with RBAC.

    Post Tags - Sailpoint online training, Sailpoint Uses RBAC

    Check our Sailpoint Online Training course details