Security Posture Best Practices

Using Groups

  • Updated
With Vanta, the default security requirements can be changed for all users or a subset of employees. For example, if you want contractors to have different needs than full-time employees, you can create a group for them. Using groups helps you manage permissions and tasks more efficiently than relying solely on individual users.


Using Groups Effectively

Identify employees based on roles:
  • You can use the group to show what role an employee has. This is helpful because a business user, like an account executive, presents less risk regarding their access, and you may want to keep their inbox open. On the contrary, engineers offer a higher risk due to increased access and should be fully offboarded quickly. You can also note that groups can access vendors for a smoother offboarding process. 


Different groups have different security requirements:
  • There is a highly likely chance that not everyone is required to complete the same onboarding activities. For example, your board of directors may have email addresses in your domain, but having them accept all policies or monitor their machines might not necessarily make sense. 
  • Another example is that contractors may come from a firm where their machines are being monitored and do not need your company's MDM or the Vanta agent.