CoreView offers the flexibility to augment or enhance your existing Least Privilege Access and/or Role-based access control strategies.
Least Privilege Access
Least privilege access is the practice of restricting access rights for users, accounts, and computing processes to only those roles necessary to perform routine, legitimate activities.
For example, if someone's job is to monitor license usage for a particular division in your organization, you can configure their access so that they only see that division and the licenses that are part of it.
Role Based Access Control (RBAC)
CoreView allows you to define access to information and actions based on the job function of the person accessing the console.
This allows you, for example, to give the regional administrator in Chicago access to only the objects in that office. The finance manager, for example, can view licensing and service usage reports. Meanwhile, a high-level administrator can only make specific changes to defined users.
CoreView features
CoreView enhances the experience of designing a least privilege access and/or RBAC model to keep your Microsoft 365 tenant safe and secure. There are several CoreView features you can use to create and maintain a strategy for least privilege access:
Operator roles
Microsoft administrators are called operators within CoreView. The operator with the highest level of access is known as a “Tenant Admin”. CoreView allows the “Tenant Admin” to finely control what other operators can see and do within the tenant.
Using the Role-based Access Control (RBAC) security model, operators are granted access to resources based on their role in the organization. Their access can be limited to information and actions based on their job function. Each operator can be assigned roles that grant an initial level of access to CoreView, which can then be modified with permissions.
Permissions
Assigned permissions determine the actions an operator can perform within CoreView.
The creation of role-based access controls (permissions) is essential to ensure that any “Operator” has the appropriate access to perform the activities required of them.
Please remember that if you do not see all the features discussed above, it may be because the roles and permissions applied to your CoreView account restrict access to certain features.
Operator delegation
You can easily and securely delegate role-based access to CoreView to individuals within your organization using any or all of our three key control mechanisms. These provide you with the ability to define an individual’s use of CoreView as narrowly or broadly as is appropriate for an individual’s technical or a business role within your organization.
Only TenantAdmins can manage operator accounts and assign Permissions.