Section 4: Review Security Best Practices

Maintaining a secure Zudello environment requires ongoing vigilance. Regularly reviewing user access, permissions, and group memberships is crucial.

Key Review Activities (Recommended Quarterly):

  1. Review Active Users:
    • Navigate to Organisation Settings > Users.
    • Filter by Status: Active.
    • Verify every user listed is a current employee who requires Zudello access.
    • Deactivate any users who have left the organisation or no longer need access.
  2. Review User Group Permissions:
    • Navigate to Organisation Settings > User Groups.
    • Edit each active User Group (especially 'Access' types).
    • Review the assigned permissions. Do members of this group still need all these permissions? Apply the principle of least privilege – grant only necessary permissions.
    • Ensure no unnecessary sensitive permissions (like Organisation Admin rights or broad deletion rights) are assigned.
  3. Review Group Membership:
    • Navigate to Organisation Settings > Group Membership.
    • Expand each active User Group.
    • Verify that every user listed as a member should belong to that group based on their current role and responsibilities. Remove users who no longer need the group's permissions.
  4. Review Data Permissions:
    • Navigate to Settings > Data Permissions.
    • Edit each active Data Permission.
    • Review which User Groups are assigned.
    • Review the resource access rules. Are they still appropriate? Are the specific values (like Departments or Locations) correct? Ensure visibility isn't broader than necessary.
  5. Review Organisation Admin Access:
    • Navigate to Organisation Settings > Users.
    • Filter by Admin: Organisation Admin.
    • Confirm that only essential personnel have full organisation admin rights. Remove this right if no longer required.
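The five reviews above are carried out in the Zudello web UI, but the same checks are easy to script once the Users, Group Membership, User Group and Data Permission screens have been exported. The following is an added example, not Zudello's own tooling and not a call to any Zudello API: it assumes exports shaped like the constructed records below (the field names are assumptions) plus an HR roster of current employees and a list of approved Organisation Admins, and it produces the findings a reviewer would work through, with each function mapped to the step it corresponds to.

```python
"""Quarterly access-review reconciliation for a Zudello organisation.

Added example. It does not use a Zudello API; it reads exported records
(field names are assumptions) and reports the findings a quarterly review
should act on. All sample data below is constructed, not real accounts.
"""
import json

# --- Constructed sample data ------------------------------------------------
USERS = [  # Organisation Settings > Users export (assumed fields)
    {"email": "alice@example.com", "status": "Active", "org_admin": True},
    {"email": "bob@example.com", "status": "Active", "org_admin": False},
    {"email": "carol@example.com", "status": "Active", "org_admin": True},
    {"email": "dave@example.com", "status": "Inactive", "org_admin": False},
    {"email": "erin@example.com", "status": "Active", "org_admin": False},
]
HR_ROSTER = {"alice@example.com", "bob@example.com",
             "carol@example.com", "dave@example.com"}   # erin has left
APPROVED_ADMINS = {"alice@example.com"}                # sign-off list
GROUP_PERMISSIONS = {  # Organisation Settings > User Groups
    "Finance Access": {"view_invoices", "approve_invoices"},
    "Approvers": {"approve_invoices", "delete_documents"},
}
SENSITIVE_PERMISSIONS = {"organisation_admin", "delete_documents"}
MEMBERSHIPS = {  # Organisation Settings > Group Membership
    "Finance Access": ["bob@example.com", "erin@example.com", "frank@example.com"],
    "Approvers": ["carol@example.com", "dave@example.com"],
}
DATA_PERMISSIONS = [  # Settings > Data Permissions; empty rule = no restriction
    {"name": "Sydney Invoices", "groups": ["Finance Access"],
     "rule": {"Location": ["Sydney"]}},
    {"name": "All Documents", "groups": ["Approvers"], "rule": {}},
]


def active_emails(users):
    """Mirror 'Filter by Status: Active' on the Users screen."""
    return {u["email"] for u in users if u["status"] == "Active"}


def leavers_still_active(users, hr_roster):
    """Step 1: active Zudello users who are not current employees."""
    return sorted(active_emails(users) - set(hr_roster))


def groups_with_sensitive_permissions(group_permissions, sensitive):
    """Step 2: groups granting rights that need an explicit justification."""
    return {g: sorted(p & sensitive)
            for g, p in group_permissions.items() if p & sensitive}


def stale_memberships(memberships, users):
    """Step 3: members who are inactive or do not exist as users at all.

    A leaver who is still Active is NOT caught here; step 1 finds them.
    """
    active = active_emails(users)
    return {g: sorted(m for m in members if m not in active)
            for g, members in memberships.items()
            if any(m not in active for m in members)}


def unrestricted_data_permissions(data_permissions):
    """Step 4: Data Permissions whose rule restricts nothing."""
    return sorted(d["name"] for d in data_permissions if not d["rule"])


def unapproved_org_admins(users, approved_admins):
    """Step 5: active Organisation Admins outside the approved set."""
    admins = {u["email"] for u in users
              if u["status"] == "Active" and u["org_admin"]}
    return sorted(admins - set(approved_admins))


def run_review(users=USERS, hr_roster=HR_ROSTER, approved_admins=APPROVED_ADMINS,
               group_permissions=GROUP_PERMISSIONS, memberships=MEMBERSHIPS,
               data_permissions=DATA_PERMISSIONS, sensitive=SENSITIVE_PERMISSIONS):
    """Run all five reviews and return the findings keyed by step."""
    return {
        "1_leavers_still_active": leavers_still_active(users, hr_roster),
        "2_sensitive_group_permissions": groups_with_sensitive_permissions(
            group_permissions, sensitive),
        "3_stale_memberships": stale_memberships(memberships, users),
        "4_unrestricted_data_permissions": unrestricted_data_permissions(
            data_permissions),
        "5_unapproved_org_admins": unapproved_org_admins(users, approved_admins),
    }


if __name__ == "__main__":
    print(json.dumps(run_review(), indent=2))
```

Each finding maps to an action in the UI: deactivate the step 1 users, strip the step 2 permissions or justify them, remove the step 3 members, narrow the step 4 rules, and remove the step 5 admin rights. Note that erin is reported by step 1 but not by step 3: group-membership review alone never catches a leaver whose account is still Active, which is why the user review comes first.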

Other Best Practices:

  • Use SSO: Implement Single Sign-On (for example Microsoft Entra ID) where possible, so that authentication policy such as MFA is enforced centrally by the identity provider rather than per application.
  • Password Policy: If not using SSO, ensure users choose strong, unique passwords (ideally generated by a password manager) and never share accounts, since a shared login cannot be attributed to one person in the review above.
  • Offboarding Process: Have a clear process to deactivate Zudello access on the employee's last day, including removing them from User Groups, rather than waiting for the next quarterly review.

End of Tutorial

By regularly managing User Groups, Data Permissions, and reviewing user access, you can maintain a secure and efficient Zudello environment.
