Now that you’ve imported all your data, you need a way to protect it from being stolen, damaged, or hijacked. Often when people think of protecting their data, they worry about outside threats, but you also need to protect against the damage that can be caused intentionally or accidentally by the actual people who will use your solution.
First, you will need to figure out which people need access to your solution and what kind of privileges they should have. It is best to think of them in terms of their groups or roles within the system.
Your next step will be to require users to log in with their own account. It might be tempting to create a single account for your system so that everyone can use the same username and password, but this is a dangerous practice. Since the same account is shared by everyone, the odds are higher that the credentials will be discovered by someone intending to do you harm.
It’s much better to create a unique account for each user. Not only does this allow different levels of access to be assigned to different people, but it also means you always know who is logged into the solution. This is useful for access logging (sometimes required by law), troubleshooting, and for personalizing each user’s experience.
Let’s get started with securing your solution at a basic level.
Here’s what you’ll do:
- Set up your full-access account
- Identify roles
- Add a manager-level privilege set
- Add a team-level privilege set
- Add user accounts