As an industrial security manager, you have a big program to manage: contracts, visits, foreign travel, insider threat, asset control, training, personnel organization, clearance tracking, and the list goes on.
Fortunately at many organizations there are other teams that own the entire or parts of these key areas. There might be an analyst who prepares staffing availability reports for big contracts, or an Insider Threat Working Group to track reportable information. Wouldn't it be nice if they stopped emailing you and you could give them access to only their relevant security data?
Application security involves more than big locks and orange plants
Well you can stop daydreaming. With ThreatSwitch's new Custom Roles functionality, administrators can grant users permissions to select features and data. On a module-by-module basis, you can say someone has no access, view-only, or full editing access to data.
For example, an Insider Threat Working Group member may have view-only access to all items in the Reportable Information module including foreign travel and insider threat reports. This ITWG user would be restricted from viewing any of your other sensitive data, and can even be selectively restricted from viewing personnel PII. In this case, the security team owns all management of the data, but can easily share key data directly in the system of record without the stress of unauthorized editing or deletion.
Another example might be a JR. FSO responsible for managing VARs and Badges for the entire organization, but shouldn't see PII or sensitive insider threat data. Simply set your permissions and you're off and running.
Ready to take a look at the new ThreatSwitch updates?