Self-Service & Access Reviews
To prevent cyberattacks and data theft, the default set of permissions is kept as small as possible. This approach, also known as the Principle of Least Privilege (POLP), is considered a best practice in cybersecurity and widely mandated by IT regulations.
Whenever additional permissions are needed, users can request them through a self-service platform. The request is sent to the data owner, who can grant access to any resources under their control and must regularly perform access reviews for permissions they have assigned.
Regular user access reviews ensure that permissions and accounts that are no longer needed are removed before they become a security risk, making them an essential part of an effective cybersecurity strategy.
All changes made to access rights, including the results of access reviews, are automatically documented by tenfold. Together with tenfold‘s powerful reporting tools, this helps organizations prepare for compliance audits and prove that they implemented effective access controls.