Access Control and Logging

Overview

Orthogramic is committed to ensuring secure, role-based access to sensitive data while providing comprehensive logging for auditability. The access control system restricts users from accessing business architecture domain data and documents based on their role, user type, and business unit.

Access Restrictions

Business Unit-Based Restrictions

  • Users are restricted from accessing data from business units above their own.

  • Access to lower-level business units can be granted selectively, based on organizational requirements.

Role and User Type-Based Restrictions

  • Data access can be restricted based on organizational roles (e.g., only managers may access specific documents).

  • Users are assigned permissions based on their type (e.g., department managers, architects) and their role (e.g., reviewer, editor), ensuring appropriate access.

Selective Access Control

User-Specific Access

  • Administrators can grant or restrict access to individual users, customizing their permissions based on their role, business unit, and specific organizational needs.

Cascading Permissions

  • Access permissions can cascade down to lower business units. Administrators have control over whether permissions at higher levels extend downward.

Logging and Auditing

Logging Access to Data

  • Every instance where a user accesses business architecture domain data or documents is logged.

  • Logs include details such as the user’s role, business unit, user type, and the exact data accessed.

Access Logs for Auditing

  • Administrators have access to detailed reports of user activities, including document access, business unit data access, and any failed access attempts.

Security and Compliance

Orthogramic’s access control and logging framework aligns with industry best practices, ensuring that organizations can maintain strict control over data while meeting compliance standards such as GDPR or HIPAA. By implementing encryption, role-based access, and comprehensive logging, Orthogramic ensures data security, transparency, and accountability.

Administrator Features

  • Access Request Mechanism: Users can request access to data from higher-level business units, which can be reviewed and approved by administrators.

  • Regular Auditing: Administrators can conduct regular audits to review who accessed data and ensure that access policies are being followed.

Conclusion

Orthogramic’s robust access control and logging features ensure that sensitive data is protected while enabling flexible, role-based access management. These controls provide the security and transparency necessary for regulatory compliance and data privacy.

© Orthogramic 2024