Cloud Management: User Management
The Moovweb Control Center is the web-based interface to manage your projects, deployments, and teams. This article describes the user management features from the Moovweb Control Center.
User Management in Control Center
System administrators and developers use the Moovweb Control Center to manage projects across the various endpoints and take advantage of enterprise-grade version control and user management. The Control Center has built-in permission management that is configurable at the individual user, team, or organization level.
The Control Center implements industry-standard security practices and employs strong policies across for the entire system to protect our customers.
There are two main types of accounts that can be defined in the Control Center: individual users and organizations.
Individual Users: This is the default account type when a new user signs up. Each individual user owns an account where they can create and manage projects. Individual users can also have access to shared accounts or share access to projects in their own account to other users in the system.
Account owners can invite new users to join their projects and even promote these users to managers to give them more control over projects. To switch accounts, go to the Accounts dropdown and choose the appropriate one.
Organizations: Organizations are accounts that provide enterprise customers a fine-grain control over users. Individual users can be associated with pre-defined security roles within each organization the user belongs to. Each security role has different types of privileges that are explained in more detail below.
Organizations can only be created by administrators of the Control Center and involve Moovweb administrators’ approval.
Application Security Roles, Privileges and Provisioning
The Control Center security follows a role-based implementation model that gives organizations the flexibility to manage their users by job function and interaction with the system.
The following are the pre-defined security roles in the Control Center:
|Manager||Moovweb Administrator||Deploy transformation rules to staging and production|
|Administrator (Moovweb)||Moovweb Super Administrator||Add/remove Members and Managers from projects|
|Super Administrator (Moovweb)||Moovweb Super Administrator||Add/remove Administrators, disable/delete projects|
|System Administrator (Moovweb)||Approved by President & CEO of Moov Corp||Administrator access to servers and AWS|
User Account Management
The Control Center has a user account page which presents a list of Moovweb projects associated with that account. From this list the user can watch any project listed to receive notifications via email when the project has any action performed by another user.
In the user settings page the user can invite new users to join its account or manage the control that other users can have over the projects. Also, the user can manage project notifications and Moovweb SDK active sessions used to deploy code to projects in this account.
User Account Security
Security is of critical importance to Moovweb and our customers. We employ industry best practices, keep abreast of latest security development, and are always looking for ways to improve our security posture. We are certified as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS) version 3.0.
User accounts have strong password protection policies and deliver automatic notifications when accounts have been temporarily locked or after the account settings have changed. Strong security policies are applied to prevent brute-force attacks and promote users to proactively manage their password on a regular basis as a way to protect them from identity theft.
The Control Center will soon integrate SAML as part of the third-party integration with enterprise class identity management systems, taking our user security and user management to the next level.