tomwilliamson

Lifecycle for user access/segmentation

Discussion created by tomwilliamson on May 2, 2019
Latest reply on May 2, 2019 by derekv

Hi everyone,

 

I'm curious to see how the community is generally addressing the question of user management in enterprise deployments. We have a couple of access products for people to order that are linked to reader, BU manager etc. roles in Qualys, and people using those roles undergo a periodic recertification. However, all users do have global view access to all assets registered in Quays and their associated vulnerability/PCI information which makes me as an owner a little nervous. Is there a standard approach that people are using to segment user access on a per-configuration item or per-business unit level?

 

Welcome any thoughts.

 

Cheers,

 

Tom

Outcomes