top of page

The Use of Role Based Access Control to maintain security and confidentiality within government systems

Office Scene
Written by Tyra Suleman

By minimising the risk of data breaches and unauthorised access, a stronger sense of trust can be built fostering a sense of security and reliability.

The Challenge

​​​

  • Maintaining data can be a complex challenge, particularly within government systems where large numbers of employees can join, move and leave within the organisation and will require varying levels of access to sensitive information.

  • Without the management of access rights to streamline control over user permissions this was creating a headache for the security team who had to strike the fine balance between keeping data safe and allowing staff to be able to do their jobs effectively.

 

 

Our Solution

​​​

  • Identified that the Joiner-Mover-Leaver (JML) process was a crucial framework for managing user efficiency and ensuring all employees have the correct access rights across the organisation. The implementation stage can be a lengthy process requiring a thorough analysis of job functions, responsibilities and access conditions.

  • By working closely with those within the organisation both roles and permissions were clearly defined and it became clear which RBAC framework was the most suitable for the client environment.

  • Continuous adaptation was a notion 'baked in' to the project as organisations evolve and roles and permissions need to be regularly reviewed for relevance.

​

Key Outcomes

​

​

  • Enhanced Security – government entities handle large amounts of sensitive data and by employing a RBAC model and the Principal of Least Privilege has reduced the attack surface and potential security breaches within the most classified areas of government.

  • Improved Efficiency – operational efficiency is the backbone a successful organisation and with the power of RBAC operations were significantly streamlined across the organisation reducing administrative overheads and guaranteeing a certain level of consistency.

  • The organisation was more equipped to meet regulatory requirements and security standards

  • Streamlined Access for Users – in a dynamic working environment users can change roles quickly and by grouping users into roles access can then be updated quickly saving both time and effort.

Novus-i2

Registered Office

​

Novus-i2 Ltd

71-75 Shelton Street

London

WC2H 9JQ

​

Email: tom.wigmore@novus-i2.com

​

​

  • LinkedIn
  • YouTube

Follow Us​

​​

          

​

​

​

bottom of page