Managing access in Pigment is essential for security and enabling each Member to perform their Role effectively. By clearly defining roles and assigning appropriate access levels, you protect sensitive data and streamline operations. This overview explains how access is set up, assigned, and managed in Pigment.
Why is appropriate access so important?
Creating clear roles like Administrators, Managers, Finance Analysts, and End Users, each with the appropriate access in Pigment, is key to keeping everything running smoothly. This setup not only helps protect sensitive data but also ensures that everyone has the access they need within the scope of their role.
Segregating duties, like separating who can request and approve budget changes, adds an extra layer of security by minimizing risks. Plus, by regularly checking who has access to what in Pigment, you can quickly catch and fix any issues, staying aligned with company policies and staying secure.
Access levels in Pigment
There are two levels of access in Pigment:
-
Workspace access. Workspace access is separate from Application access. If you have an account type Primary Owner, Security Admin, or Workspace Admin, you can grant Members access to a Workspace. A Member's account type impacts what the Member is able to see and do at the Workspace level.
For more information on Pigment account type access and responsibilities, see Account Types in Pigment.
-
Application access. Access to Applications is granted through Roles. Roles also determine Block and Board access. When you set up a new Pigment Role, you define its permissions and data access rights. Permissions determine what a Member can do and access rights determine the data a Member can see or interact with in an Application.
Identify what you need to grant access in Pigment
Now that you're familiar with access levels in Pigment, we'll outline the key sequence to set up your Pigment access and the essential considerations to keep in mind.
Invite Members to the Workspace
- Identify each Member's responsibilities before inviting them to the Workspace so you can assign the appropriate account type.
- Consider whether to add Members individually or in bulk, especially if assigning administrative privileges.
Set up Roles for permissions in Applications
- Carefully plan the Roles needed, including their permissions and data access rights, as outlined in your Access Plan.
- Decide whether to assign roles by groups or on an individual basis.
Set up access rights to Dimensions in Applications
- Review any specific custom access rights you need to assign to Roles.
- Ensure your access rights align with what is specified in your Access Plan.
Set up Board access in Applications
- Identify which Members require access to specific Boards.
- Customize Board permissions using Permission-type Metrics.
Invite Members to Applications and test access
- Centralize access by creating Groups at the Workspace level for Members needing similar permissions.
- Decide whether to invite Members via a Group or individually, depending on the scenario.
- Test access by impersonating Members before deployment to business users.
Learn more about Pigment access
Now that you have a high-level overview of access in Pigment, read the following resources to familiarize yourself with Roles and access rights: