Security vs. User Autonomy

How do you balance the access your users need with your company’s resources?

Security vs. User Autonomy

How should user access be balanced with enterprise IT resources?
Management of user account lists, definition of permissions, monitoring applications…

Define who has the right to do what can quickly become a headache for a developer. How can the security of the system be maintained without slowing the company’s productivity?

Here are several ideas to help you orient yourself, and we recommend our favorite solution at the end of the article.

Combining security and user autonomy

Securing the use of company resources is a delicate subject. It is no small task to combine system security and user autonomy.

A system that has too many constraints, while having the advantage of being perfectly secure, will often prove to be a long-term obstacle for a company’s reactivity. On the other hand, while giving users more autonomy makes a company more reactive, it can entail security risks.

Let’s take a closer look at the daily task of user account and permission management. Here are several options that leave some room to maneuver:

User account management
This task takes a great deal of time and requires the mobilization of technical resources
What if it was possible to transfer this task to non-technical administrators?

Permission management
A good security policy must be able to be adapted to the territory. It is most productive to know the daily users so that they can be given appropriate permissions.
Can we delegate this kind of task? This brings up both technical and strategic questions.

These choices require significant analysis to truly fit the business of each company.

Points to consider

Some key questions:

What tasks should be delegated to administrators?

Account management:
The creation/deletion of accounts is a task easily delegated. It is simple to accomplish technically, and the impact on security is easily controlled.

Permission management:
The choice here is less obvious.
From a strategic point of view: do we wish to transfer this type of responsibility to non-technical administrators?
From a technical point of view: how can a “functional” permission attributed by an administrator be effectively applied to a user?

What kind of tools should be put in place?
We must find or create tools to execute these tasks.

Note: we cannot recommend highly enough that you take into account the perception of end users: Tools that are not user-friendly instinctively encourage users to find ways to work around the system, which put the security of your system at risk.

How to guarantee the reliability of the system?
To maintain a high level of security, you must be able to control what is done at the heart of the system (to know which administrator gave which permission, etc…). Therefore, auditing tools must be anticipated.

How many administrators are needed?
If there are many administrators, you must make appropriate arrangements for their roles and permissions in the administration tools. For example: a master administrator and many sub-administrators with more limited responsibility.

How to manage sites in different locations?
In relation to the structure of the company, it may be necessary to put in place administration tools that work without a direct link to the database to guarantee administrator autonomy.

Make or buy?

This is one of the basic strategic decisions.
Access Control demands a specific line of questioning.

It is particularly difficult to develop a solution that, at the same time, is:

  • Technically viable
  • Adapted to the functional needs (very complex in this domain)
  • Guarantees a high level of security

Moreover, the hidden costs put a strain on development budget in the long term:

  • Daily maintenance: account management, new permissions with each new version of the application, etc…
  • Keeping up with Microsoft’s major technical evolutions

The complexity of the subject justifies a preliminary study of existing solutions.
A precise estimate of the costs (short and long term) and the needs specific to the company will allow you to make the best decision.

Novalys’ suggested solution: Visual Guard

Novalys has developed an access control solution that responds to a large number of the concerns discussed (Visual Guard). In particular:

  • The management of user account is transferred to non-technical administrators with the use of a dedicated console. Thanks to its single interface, they can easily manage the user accounts and permissions of a portfolio of applications.

Note: From a technical point of view, all .NET applications are supported: Winform, Webform,, WCF, WPF, etc… as well as all PowerBuilder applications. The goal is to create a single, centralized security system for all applications. A multi-lingual version is in development to support other, non-.NET applications: Java, C++? PHP…

  • An administrator can thus create, without assistance, login/password account (saved directly in the internal repository of the solution), or can reuse Windows accounts stored in Active Directory.

Note: In practical terms, this means that you can reuse Windows account to authenticate the users of your applications. This allows you to avoid creating an authentication system, and Windows Single Sign-On is automatically implemented.

  • With the same interface, the administrator can assign users permissions that have been pre-defined by developers

Note: Technically, the tool is based on the .NET framework. The permissions are applied dynamically without passing through the deployment phase. Once a permission is assigned by an administrator, it is immediately active (See an example).

  • This console is available in Webform. This means administration tasks can be performed without a direct connection to the database or local network. An internet connection is all that is needed. Therefore, the management of user accounts and their rights can be decentralized (to allow for geographic distance).
  • Visual Guard includes a selection of administrator roles, to facilitate security management. An audit function saves all administration actions and generates reports in .pdf format.

These functions allow you to combine a secure system and user flexibility.
From a functional perspective, the administrators have their own tool for account management.
According to the specific needs of the company, administrators can be allowed to only add users, or can be given more advanced privileges, like the ability to attribute permissions.
The different levels of roles allow a hierarchy to be established among the administrators. The log function guarantees that all security actions can be tracked.

From a technical perspective, there are many advantages to Visual Guard:
It is compatible with multiple authentication systems.
Windows authentication automatically implements Single Sign-On. The functions tied to permissions and auditing are standard features. Off-line and distance mode are both included.

Finally, externalizing both security updates and the ability to keep up with Microsoft’s technical evolutions equate to a significant savings of both time and money. The development teams can concentrate their effort on strategic tasks instead of daily maintenance.