At Abnormal we created a simplified, security-driven RBAC design pattern that allows our customers to maximize their user set up with minimum hurdles.
Based on our research, security users have the following set of concerns:
We designed the RBAC experience with the following roles & user experience so that regardless which type of security team composition you have, you can navigate our user management system easily set your organization with ease. We kept it simple so that our customers can focus less on configuration, more on protecting their organization.
This role is great for: small organization with simple user provision use case. Users can easily add any new user and give them complete access to Abnormal’s Portal. They do not need to touch the remainder of the RBAC system and can continue to enjoy the simplistic experience.
This role is designed to be incredibly flexible. We designed in a way such that a complex organization can provision all aspects of a user and their access to Abnormal. This is great for a bigger team with analysts to cover different feature areas of Abnormal; MSSP teams that are only provisioned to see certain tenants and certain subset of email information; and CISOs who may only want to access the reporting aspect of Abnormal.
This role is designed to help non-SOC staff, mailing lists accounts, and general purpose accounts to stay informed of Abnormal’s activities via email notification only. We also want to be mindful of customers who may not be able to access Abnormal Portal or prefers to leverage email notifications for existing alerting and SOAR setup.
While we know there is always room for improvement – our current design philosophy focuses on keeping it simple and security-driven but building a foundation so that we can support iterations and change. We look forward to hearing feedback and continue to evolve our design!
Abnormal is the email security company that stands for trust.
© 2021 Abnormal Security Corporation.
All rights reserved.