RBAC (Role-Based Access Control)

Role-Based Access Control (RBAC) is a security model that assigns system permissions based on a user's organizational role rather than on individual user identity — grouping users with similar job functions under a defined role and granting that role the access rights appropriate to its responsibilities. In CRM, RBAC means that all sales representatives share a common access profile appropriate for their function, all customer success managers have a different profile, and system administrators have a third. This approach simplifies permission management at scale: when a new sales representative joins, assigning them the sales rep role automatically grants all necessary permissions without manual configuration of each individual right. RBAC also makes access audits more tractable by reviewing role definitions rather than individual user permission lists.