Deciding which data sets each user or group of users can access has a direct effect on your data security. Choosing appropriate user permissions is a necessary balancing act between security and utility: on one side you limit the risk of data being lost, stolen, misused, or damaged, and on the other you make sure employees have access to the information and systems they need to do their jobs.
Balancing security and utility does not have to be an all-or-nothing game. The time it takes to establish granular data security controls is well worth the investment. Instead of having permission sets that grant either full access or very limited access, each employee and group of employees should have their level of data access tuned to give them everything they need to be effective in their jobs, but nothing more.
To help users do their jobs effectively without exposing private data they do not need to see, the IT security team needs flexible tools. The team must be able to create granular security profiles that show different sets of data to different sets of users, rather than a single "all or nothing" level of access.
Field-level security lets administrators specify which fields (columns) within a database are viewable, and which are editable, by users who match a particular security profile. For example, field-level security could block employees from viewing customers' credit card numbers, banking information, or Social Security numbers in the database, while still making those same fields available to the billing system, running under its own identity, that needs them in order to bill customers.
Record-level security grants access to a particular set of records (rows) in a database while hiding the rest. For example, record-level security could be used so that salespeople are only able to see information pertaining to their own accounts or the leads in their territories. They do not need to see what leads other salespeople have, or what account activity, sales numbers, or discount approvals have happened within other employees' accounts. Record-level security also helps employees stay focused on their own data.
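The two controls described above, expressed as an added example in PostgreSQL (this is illustration written for this page, not code from ASPG, RACF, or any product the page discusses). Field-level security is the column-level GRANT, record-level security is the row-level security policy; the table, column, role and user names are assumptions, and the inserted rows are constructed sample data.

```sql
-- Added example (not from the original page): column-level grants and
-- row-level security on a hypothetical "customers" table.

CREATE TABLE customers (
    id          integer PRIMARY KEY,
    name        text NOT NULL,
    territory   text NOT NULL,
    owner_rep   text NOT NULL,   -- login name of the sales rep who owns the account
    card_number text,            -- sensitive: billing only
    ssn         text             -- sensitive: billing only
);

-- Constructed sample rows.
INSERT INTO customers VALUES
    (1, 'Acme Ltd',   'north', 'alice', '4111111111111111', '078-05-1120'),
    (2, 'Globex Inc', 'south', 'dan',   '5500000000000004', '219-09-9999');

CREATE ROLE sales_rep;                         -- security profile for salespeople
CREATE ROLE billing_svc;                       -- security profile for the billing system
CREATE ROLE alice LOGIN IN ROLE sales_rep;     -- one salesperson
CREATE ROLE dan   LOGIN IN ROLE sales_rep;     -- another salesperson

-- Field-level: sales reps can read only the non-sensitive columns ...
GRANT SELECT (id, name, territory, owner_rep) ON customers TO sales_rep;
-- ... and can edit only the customer name.
GRANT UPDATE (name) ON customers TO sales_rep;

-- The billing system gets the payment field it needs, and nothing else.
GRANT SELECT (id, name, card_number) ON customers TO billing_svc;

-- Record-level: reps see (and can update) only the rows they own. The policy
-- is applied by the server to every statement, so there is no way for an
-- application to "forget the WHERE clause".
ALTER TABLE customers ENABLE ROW LEVEL SECURITY;
CREATE POLICY rep_own_accounts ON customers
    FOR ALL TO sales_rep
    USING (owner_rep = current_user)
    WITH CHECK (owner_rep = current_user);

-- Billing sees every row, but still only its granted columns.
CREATE POLICY billing_all_rows ON customers
    FOR SELECT TO billing_svc
    USING (true);

-- Checks (run as alice, e.g. with SET ROLE alice):
--   SELECT id, name FROM customers;      -- returns only row 1 (owner_rep = 'alice')
--   SELECT card_number FROM customers;   -- ERROR: permission denied for table customers
--   UPDATE customers SET name = 'x' WHERE id = 2;   -- UPDATE 0: row 2 is invisible to alice
```

Two caveats worth knowing before relying on this. The table owner and superusers bypass row-level security unless `ALTER TABLE customers FORCE ROW LEVEL SECURITY` is also set, so the application should never connect as the owner. And a role with a column-level SELECT grant can still reference the other columns in a WHERE clause only if it has SELECT on them, so the grant list above also limits what a rep can filter on.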
Defining appropriate permissions for users across an organization is a difficult task. It may be helpful to use a spreadsheet to lay out the various groups of users in your organization and the level of access each should have. This makes it easier to visualize which records and database fields each group of users will be able to access, and it gives you a written statement of intended access to compare against what is actually granted.
When setting up these permissions, err on the side of security. It is much easier to add a permission than to explain why a group of users had access to data they should not have been able to see. It is better to start users on security profiles with very limited functionality and add permissions as the need is demonstrated, rather than let users work with elevated permissions. Elevated permissions increase risk by letting users access and edit data that is unrelated to their jobs. If you discover that users can view data they should not, remove that access, and restore it only if it becomes clear that access to the data helps them perform their duties.
The risk of looser permissions for most employees is that some may not know what they are doing and could make costly errors that result in data loss or disrupted workflows. Limiting what a user is able to do on a system limits the scope of the problems that user error can introduce, and the same limit applies when an account is misused or compromised rather than merely mishandled.
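The review step described above, comparing the intended access matrix from the spreadsheet with what is actually granted, as an added PostgreSQL example written for this page (not an ASPG, ERQ, or RACF command). The intended matrix is loaded into a table; the actual grants come from the catalog. The table, column and role names are assumptions.

```sql
-- Added example (not from the original page): find grants that exceed the
-- intended matrix. Run as the table owner or a superuser, because
-- information_schema.column_privileges only lists privileges the current
-- user granted or holds.

-- The spreadsheet, one row per (role, table, column, privilege) that is meant to exist.
CREATE TABLE intended_access (
    grantee        text NOT NULL,
    table_name     text NOT NULL,
    column_name    text NOT NULL,
    privilege_type text NOT NULL,      -- SELECT, UPDATE, INSERT, ...
    PRIMARY KEY (grantee, table_name, column_name, privilege_type)
);

-- Constructed contents mirroring a two-profile matrix.
INSERT INTO intended_access VALUES
    ('sales_rep',   'customers', 'id',          'SELECT'),
    ('sales_rep',   'customers', 'name',        'SELECT'),
    ('sales_rep',   'customers', 'territory',   'SELECT'),
    ('sales_rep',   'customers', 'owner_rep',   'SELECT'),
    ('sales_rep',   'customers', 'name',        'UPDATE'),
    ('billing_svc', 'customers', 'id',          'SELECT'),
    ('billing_svc', 'customers', 'name',        'SELECT'),
    ('billing_svc', 'customers', 'card_number', 'SELECT');

-- Excess: privileges that exist but are not in the matrix. These are the
-- ones to revoke; privileges the matrix lists but nobody holds are not
-- reported, because access is added on request, not by the audit.
-- Table-level grants appear here too: the catalog view expands them to
-- one row per column, so an over-broad "GRANT SELECT ON customers" shows up.
SELECT cp.grantee, cp.table_name, cp.column_name, cp.privilege_type
FROM   information_schema.column_privileges AS cp
LEFT   JOIN intended_access AS ia
       ON  ia.grantee        = cp.grantee
       AND ia.table_name     = cp.table_name
       AND ia.column_name    = cp.column_name
       AND ia.privilege_type = cp.privilege_type
WHERE  cp.table_schema = 'public'
  AND (cp.grantee IN (SELECT DISTINCT grantee FROM intended_access)
       OR cp.grantee = 'PUBLIC')      -- a grant to PUBLIC is always excess
  AND  ia.grantee IS NULL
ORDER  BY 1, 2, 3, 4;

-- Tables named in the matrix that have no row-level security enabled at all,
-- i.e. places where field-level control exists but record-level control does not.
SELECT c.relname
FROM   pg_class c
JOIN   pg_namespace n ON n.oid = c.relnamespace
WHERE  n.nspname = 'public'
  AND  c.relkind = 'r'
  AND  NOT c.relrowsecurity
  AND  c.relname IN (SELECT DISTINCT table_name FROM intended_access);
```

Restricting the first query to grantees that appear in the matrix (plus PUBLIC) keeps the table owner, who holds every privilege by definition, out of the excess list. Whatever the query returns is the list to revoke first; if a user then asks for one of those privileges back, that request is the evidence the paragraph above says to wait for.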
Keeping track of the various permission sets across your company is a difficult challenge. RACF provides much of the functionality needed to create and manage these permissions on the mainframe, and ASPG's Easy RACF Query (ERQ) program gives you the administrative and reporting tools you need to set up the granular permissions that strike the right balance between security and utility.