Set default roles access to none
As a model builder and workspace admin, i need newly created modules, lists and actions not to be accessible to any role except the full access role.
This is necessary to follow security guidelines and best practices of "least privilege" (you only have acces to what your eligible to).
Currently the opposite is done in anaplan and when creating new modules in anaplan, all roles have write access to these by default.
This requires extra check steps on the model building tasks to then remove for each role the access for each module.
If missed (which can definitely happen), then some users may have access to part of the models they are not supposed to and this can lead to potential incidents in anaplan applications.
Changing the default setup behaviour would go a long way to increase security and reduce o
Additional security checks and/or incident
Comments
-
I believe it is already that way...If you create a module, every role defaults to None until the admin changes it.
Module:
List:
And the same is true for Actions.
0 -
@rob_marshall : that's completely correct ! we must have missed how this is working. One less item on the list 🙂
0 -
Oddly I sometimes wish it was the way round you don't want it to be as it's the one thing that's often forgotten about and with UX being so separate it doesn't really matter much any more if a user can/can't access a module.
0
Get Started with Idea Exchange
See our Submission Guidelines and Idea Evaluation Criteria, then start posting your own ideas and showing support for others!
