Best Practice – Users and Roles

Sitecore recommended practices for security (users and roles):

  • Break inheritance rather than explicitly deny access rights.
  • Apply security to roles rather than users.
  • Limit access to the parts of the content tree that are relevant to the user that is logged into the system.
  • Limit access to the ribbon items by disabling features that are not relevant to individual users.
  • No users should have empty or obvious passwords.
  • Use the profile setting of the user properties to specify that a user should always use a certain interface no matter what interface they select in the login screen.
  • Make sure that users belong to only the required Sitecore Client roles.
  • Administrator user accounts should only be used to perform administrator tasks (mainly unlocking other user’s items)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Powered by WordPress.com.

Up ↑

%d bloggers like this: