User access policy to secure your business process

|  Posted: June 19, 2018  |  Categories: Atomic Scope Launch

In many of the custom  end to end functional monitoring solution, security is often the overlooked but most important feature. By security we mean the access control for the users and auditing of their actions in the system. With the Introduction of Atomic Scope 2.0, we have introduced  comprehensive user access policies to secure your business process.

Note: Checkout other features & improvements in this release. 

Adding a User

Atomic Scope uses windows authentication as the identity mechanism. To get access to Atomic Scope every user needs to be part of the Atomic Scope portal. We can add new users in the User Management section of the settings page

User Management - UI

Once the user is added to the system the user will be able to login to the atomic scope portal. By default all admin users will have access to all workspace and business process. Non admin users needs to have access to specific workspace/business process to be able to view data.

Note: In most cases there may not be a need for more than few admin users. Since majority of the policies can be established at the workspace/business process level.

Workspace user access policy

In Atomic Scope workspace is an abstract concept designed to provide more flexibility in how the customers want to organize their business process. At the elementary level you can think of workspace as a container for your business process and resources.

Workspace permissions - UI

Users can have access to one or more workspaces based on their requirement. Currently we have two roles for workspace.

  • Workspace User – User can access the business processes within a workspace
  • Workspace Owner – User can makes changes to the workspace like adding users/deleting workspace etc

Workspace Add Permissions - UI

Business Process Access User Policy

In addition to workspace access policy Atomic Scope also allows customers to enforce user access policy on individual business process.

Business Process User access policy- UI

Business Process User access policy id categorized into 3 levels

  • User (Business Process) – User can access the business process and also edit the business process to which they have access to.
  • Owner (Business Process) – User will be able to edit, delete and  also add users to the business process.
  • Reader (Business Process) – User can view the business process but won’t be able to make any changes.

Summary

We would like to point out that policies in themselves are ineffective; their effectiveness is directly proportional to the support they receive from the organization

We hope this feature will be useful and especially relevant to the customers who are looking to ensure clear separation of concern. Finally we are open to any suggestions to make this feature better.