Granting admin access to employees can result in severe consequences, including security breaches, data loss, and system downtime. It is critical to ensure that only authorized personnel have access to sensitive systems and data to prevent such incidents. Therefore, SSW have a procedure to enable developers or any other employees to request permission to elevate their access level.
The first step in requesting permission is to identify the resource that you need access to. e.g. an Azure resource group or the Dev Environment in CRM.
The required level of access, such as Read, Contributor, or Admin, should be determined.
Explain why you need access to the resource and how it will benefit your work. This justification is necessary to ensure that the requested access is legitimate.
To make it easy for a user to request access to resources, we have Entra Access Packages in place.
By grouping linked resources together into unified packages, they streamline the procedures for authorizing, examining, and withdrawing access. This doesn't just cut down on administrative workload but also boosts security by guaranteeing that users possess appropriate permissions when needed.
We can't use access packages for all systems - e.g. Tina (i.e. editing websites), GitHub, and Azure DevOps. If you can't find an access package for the resource you need to access, send an email to the SysAdmins using Outlook | New Email | Content Chooser | All Staff Email Templates | Select requesting-access-to-various-systems
In Access Packages, we add an expiry date for the permission we grant user depending on the environment.
If requesting access to GitHub or DevOps resources, CC either Email group:
