Infosec wants a method of limiting the ability that space admins have to add individual users to their space.
Hi @Ethan Vaughan ,
with the Infosec team in perspective, would recommend you revoke the "Admin" permission for all Individual users and any group other than site-admins.
Suggestion: Would recommend centralizing the admin permissions to someone from your team, and take requests via some ticketing system to track the change requests.
Not a terrible idea. Currently we have a process thru SNow to add/remove users to the 3 unique groups assigned to each space, (Admin_*spacekey*).
We run all access thru this style. The issue is that admins are inherently able to bypass that by assigning individuals; which is the entire solution I'm looking for.
Not going to centralize access control like that because we're talking about hundred plus spaces.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.