New Feature: Role Based Access Control
Role-Based Access Control provides control over user a user's role within Vanta based on a pre-defined set of permissions. In software applications, it’s important to ensure that users have the appropriate permissions and can only view data or perform actions required for their role, consistent with the “principle of least privilege.” Learn how to leverage our new role-based access feature here!
Let us know your thoughts in the comments!
Comments
2 comments
Shannon,
Question: Can the Roles (Admin/Editor/View-Only Admin/Auditor/Sales) be assigned to Groups? This would perhaps work like Employee 'A' is assigned to Group 'A-J', and so she is assigned as an Editor...but not an Editor of 'A-Z', just an Editor of her Group 'A-J'. Is this a possibility?
Otherwise, as I understand it, every Editor that I make can edit everything in my Organization. Is this correct, or am I applying the permissions incorrectly?
Hi Benjamin!
You're correct in your understanding. Currently, when you assign a role like Editor, that person gets access to edit everything within the scope of that role for the entire organization, not just a specific group.
Please sign in to leave a comment.