[Skip to content]

Search our Site
Easysite Resource Centre
Managing Access Control

Managing Access Control

Easysite supports Direct and Brokered Authentication patterns. Brokered patterns such as federated authentication or Active Directory authentication ensures that the network administers access control, login and group policies.

Managing Users and Groups

The management of users and groups can be delegated, so that groups of groups can be created and managed in isolation. This allows group membership management in isolated from group privileges meaning the responsibility for users and groups can be delegated more widely without compromising control.

Standard usernames and passwords allow access to content, services and if configured as an Easysite user, the Easysite Administration interface. Once authenticated, access control through groups, privileges and permissions should be continually reviewed and maintained.

Group Privileges

Easysite provides user and group management with granular privileges and permissions meaning there are no default or pre-determined access rights for any groups. There are over 200 privileges that can be assigned to Groups, these relate to individual options on the system, for example differentiating between formatting buttons (i.e. Bold or Italic) for the Content Editor.

Group privileges screenshot

Group Permissions

At the same time Easysite sets permissions on all Objects in the system by folder or by category. This in turn means explicit permission is required before any Group with a respective privilege can make changes.

This way each individual object is secured, so that images, videos and documents appearing on pages have different permissions, workflow and auditing. If a document becomes restricted it will be automatically and instantly removed from all pages for non-authorised users.

asset category permissions screenshot

Data Privacy

Access control must be clearly defined and documented for different parts of the web site, it is imperative that access to personal information that may be captured through forms is restricted and those restrictions are documented as part of adherence to the Data Protection Act (DPA) – this should encompass the usage of data once downloaded or exported from the web site.

Customers should have in place guidance by which sound and consistent judgement can be made over what information to capture and what information to publish online, and its longevity. An effort should be made to regularly purge data that serves no further purpose.

Similarly customers should ensure that user accounts have set expiration dates, and ensure that accounts are promptly deactivated or deleted to reflect personnel changes.

EU Privacy Directive

EU Privacy Directives state that end users must now 'opt in' to the use of Cookies on a site. The Easysite Cookie Consent module tracks consent and allows users the ability to block non-essential cookies being set.

Management Reports

Management Reports are also available to provide information on page visits and other site activity, these should be regularly reviewed and errant activity identified.

Article comments