RBAC (Role-Based Access Control)

Role-Based Access Control (RBAC) is a security model that assigns system permissions based on a user's organizational role rather than on individual user identity. Users with similar job functions are grouped under a defined role, and that role is granted the access rights appropriate to its responsibilities. In a CRM, RBAC means that all sales representatives share a common access profile appropriate for their function, all customer success managers have a different profile, and system administrators have a third. This approach simplifies permission management at scale: when a new sales representative joins, assigning them the sales rep role automatically grants all necessary permissions without manual configuration of each individual right. RBAC also makes access audits more tractable, because reviewers examine role definitions rather than individual user permission lists.

RBAC (role-based access control) governs what users can see and do based on their role, rather than through permissions configured for each person individually. In a CRM it ensures a rep sees only their accounts, a manager sees the team's, and finance sees contracts, protecting sensitive data while keeping access manageable at scale. It is a core enterprise security control and the basis for safe external portal access.
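The rep, manager and finance split described above can be written as a deny-by-default check in which each role grants an action on a record type at a scope. This is an added example, not code from any CRM product; the role names, the scopes ("own", "team", "all") and the sample users and records are all constructed for illustration.

```python
from dataclasses import dataclass

# Constructed role definitions: (record type, action) -> record scope.
# "own" = records the user owns, "team" = records owned by anyone on the
# user's team, "all" = every record of that type.
ROLES = {
    "sales_rep":     {("account", "read"): "own", ("account", "update"): "own"},
    "sales_manager": {("account", "read"): "team", ("account", "update"): "team"},
    "finance":       {("contract", "read"): "all"},
}

@dataclass(frozen=True)
class User:
    name: str
    role: str
    team: str

@dataclass(frozen=True)
class Record:
    kind: str
    owner: str
    owner_team: str

def is_allowed(user: User, action: str, record: Record) -> bool:
    """Deny by default; allow only if the user's role grants the action on
    this record type and the record falls inside the granted scope."""
    scope = ROLES.get(user.role, {}).get((record.kind, action))
    if scope == "all":
        return True
    if scope == "team":
        return record.owner_team == user.team
    if scope == "own":
        return record.owner == user.name
    return False  # unknown role, ungranted permission, or unknown scope

def roles_granting(kind: str, action: str) -> dict:
    """Audit helper: which roles grant this permission, and at what scope.
    The review covers role definitions, not per-user permission lists."""
    return {role: perms[(kind, action)]
            for role, perms in ROLES.items() if (kind, action) in perms}

# Constructed sample data.
alice = User("alice", "sales_rep", "emea")
bob = User("bob", "sales_rep", "emea")  # new hire: only a role was assigned
carol = User("carol", "sales_manager", "emea")
dana = User("dana", "finance", "finance")
acme = Record("account", owner="alice", owner_team="emea")
globex = Record("account", owner="erin", owner_team="apac")
msa = Record("contract", owner="alice", owner_team="emea")
```

Changing one entry in ROLES changes access for every user holding that role, which is why role definitions are the unit both of administration and of audit.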

Frequently Asked Questions

Role-based access control, a method of granting permissions based on a user's role rather than setting access for each individual person.
