Published On: 23. February 2022

Authorization concept:
Best practice recommendation

IT security is an omnipresent issue for companies. Which employees really need access to certain sectors and access to (sensitive) data? What does effective protection against sabotage or hacker attacks look like?

The German Federal Office for Information Security (BSI) recommends that critical infrastructures (KRITIS) have access controls – both physical and logical – among other things. A suggestion that is also relevant for companies without KRITIS classification.

In terms of IT security, you therefore need an authorization concept that makes access traceable, protects against internal and external attacks and at the same time supports IT administration in a way that conserves resources. What aspects should you consider when designing such a concept? Find out in our blog post.

Three steps to your optimal authorization concept

Berechtigungskonzept Best Practices

But before you establish these in your company, it is worth taking a look at your current authorization structure. Check: Are there historically grown authorization structures?

Large amounts of unstructured data accumulate in the form of documents and files and the file server structure is becoming increasingly confusing. Who has which authorizations? If there is no overview, a security gap is created.

Reasons for an opaque authorization structure can be:

  • Restructuring within the organization
  • Change of technical platform, people and areas of responsibility
  • Manual errors in the assignment of authorizations
  • Permanent manifestation of temporary interim solutions
  • Missing documentation or documentation that deviates from the technical conditions
  • Changing requirements for data access

Good to know

The NTFS Permission Analyzer analysis tool helps you to determine the current status of the NTFS permission situation on your file servers. The NTFS Permission Analyzer is a reliable tool for gaining an overview in a simple way, especially when you are confronted with historically grown permission structures, a file server migration is pending or a restructuring of the file servers is to be carried out.

At the same time, the NTFS Permission Analyzer also prepares the first step on the way to future automated permission management via the Access Manager.

Implementing the authorization concept: Which software tool supports you and how?

Secure management of authorizations is possible with a software solution that supports IT administration. This is the only way to establish authorization assignment in the long term,

The extent to which a software solution should support the creation of a new concept is a decision for the administration. It helps to clarify the choice internally: What level of support do we want to use and how much should be implemented automatically in the future? You have the choice between tools for simple evaluation of the existing situation through to fully automated authorization management that is specifically aimed at end users and data managers.

The technical implementation takes place entirely via the system, so that no IT background knowledge is required for use. This means that authorizations can be assigned in a user-friendly and comprehensible manner using self-service.

The aim of automated authorization assignment using self-service is to shift the responsibility and handling of authorization processes away from IT administrators and towards data controllers. The defined target status can only be maintained in the long term if authorizations are no longer assigned “bypassing the system”, but via the request and approval workflows provided for this purpose.

This is how we support you

Your solution around file servers, SharePoint, Active Directory and third-party systems – From standardizing user and access management to supporting the supply of IT services: Optimize entire process chains with BAYOOSOFT Access Manager and sustainably reduce operational efforts while increasing information security.

Is your company looking for a strong partner for management software solutions?

Contact us now and we will introduce you to our products without obligation.

Klingt spannend? Teilen Sie diesen Beitrag doch mit Ihrem Netzwerk.

Is your company looking for a strong partner for management software solutions?

Contact us now and we will introduce you to our products without obligation.