Custom Roles for Access Control allow IT and security teams the ability to grant specific permissions to team members who need it most.

Many organizations — including enterprises, hospitals, schools and commercial real estate portfolios — have IT and security teams managing their access control system. Consequently, this means that more people get administrative access permissions. Not only do these permissions allow access to specific areas within a facility, they also make it possible for users to edit other users’ credentials. The more people who have administrative permissions, the higher the risk of stolen or hacked credentials. The bottom line is that the more people with administrative permissions, the more at-risk your organization becomes. But there is a remedy for this situation.  

Custom Roles for Access Control allow IT and security teams the ability to grant specific permissions to the team members who need it most. While other systems only allow the assignment of bulk permissions, Genea Custom Roles lets administrators create a user role, then add or subtract specific permissions from that role. Continue reading for a closer look of how Custom Roles works and its benefits.  

custom roles for access control

The Principle of Least Privilege 

The major benefit of Custom Roles is its ability to help organizations operate using the Principle of Least Privilege (POLP). POLP stipulates that it’s appropriate to only grant access privileges relevant to one’s job or tasks they must accomplish.  

With Genea Custom Roles, IT and security teams can abide by POLP in two ways. Firstly, they can assign custom security privileges to organizational personnel. These privileges grant or restrict access according to the security administrator. For example, an assistant might need to access the kitchen but not the server room. IT and security teams can make sure only the necessary permissions are distributed. 

Secondly, to save time, the security administrator can delegate administrator privileges to non-security personnel within an organization. For instance, if an administrative assistant is in charge of scheduling the company conference room, then they must have administrative privileges to grant others access to that conference room. With Custom Roles, IT and security teams can customize the assistant’s administrator privileges, granting that assistant the permissions to do exactly what they need for their job.  

But what if the IT and security team needs to give permissions to someone other than the administrative assistant?  

Why Create Custom Roles? 

Custom Roles allow IT and security teams to delegate administrative privileges to other team members. Ultimately, this saves IT and security personnel time since they will not need to attend to every request. Additionally, delegating administrative privileges makes other people within an organization take stock in the security of said organization.  

Assign Different Levels of Access Using Custom Roles 

With Custom Roles, Access Control administrators can assign different levels of interaction each employee can have with the system. For example, a CEO may have global access, but an executive may only have administrative permissions for their team. But why is this helpful?  

By defining permissions, credentials are kept on a need-to-know basis—protecting security. 

To initiate the process, system administrators must first create a new role. As stated, this role can be customized for any given situation. Once created, administrators may grant permissions based on the task.  

Customizing Administrative Privileges 

After the role is created, privileges must be assigned. These privileges are abilities that administrators have. These include: 

  • Users 
  • Keys 
  • Hardware 
  • Visitor Logs 
  • Integrations 
  • Badges 
  • And more…  

Additionally, the access type must be selected:  

  • No Access- User admins won’t see the task.  
  • Read Access- User admins see all the tasks but can’t edit them. 
  • Full Access- Grants users complete control. Users can see and edit all tasks. 

Cloud-based Access Control from Genea 

Genea is proud to continue to provide 100% cloud-based access control to enterprises, commercial real estate portfolios, hospitals, schools and many more. Our system runs on non-proprietary hardware, meaning you will never have to swap hardware, even if you change software providers. Plus, our 24/7/365 live support team is here to help whenever a problem may arise. To learn more about Custom Roles and dozens of other features, contact one of our friendly experts.