Reading Class 25 - meron-401n14/seattle-javascript-401n14 GitHub Wiki

Role-based access control (RBAC) restricts network access based on a person's role within an organization and has become one of the main methods for advanced access control.

Best Practices for implementing RBAC

Here are a few things to map out first:

  1. Current status: Create a list of every piece of software, hardware and app that has some sort of security.
  2. Current roles: Even if you don’t have a formal roster and list of roles, determining what each individual team member does may only take a little discussion.
  3. Write a policy: Any changes made need to be written down for all current and future employees to see.
  4. Make changes: Once the current security status and roles are understood (not to mention a policy is written), it's time to make changes.
  5. Continually adapt: It's likely that the first iteration of RBAC will require some tweaking. Early on, you should evaluate your roles and security status frequently.