In the real world, websites and applications are managed through the combined efforts of many different people: designers, developers, admins, and others, both within a company and working freelance. Each of these may, at some point, need access to the site at a deeper level than is provided by content management systems.
The need to provide site management credentials to multiple users poses something of a problem for site owners. The naïve, and dangerous, solution, is to give designers and developers access to the site’s administration user account; the account that has no limitations on access. Obviously, that’s not a secure solution:
- Security best practices dictate that individuals are given only the access they require to carry out specific tasks. Giving them wider access is an invitation for both incompetence and malice to cause serious damage to a site.
- Handing over full control to contractors and freelancers isn’t wise. While the vast majority are honest, many sites maintain databases with highly sensitive information — it’s just not smart to take the risk.
- Managing a single set of credential between multiple users is complex to say the least. If one employee leaves, the password has to be changed, which means everyone using the passwords must be updated. Often it isn’t updated because of the difficulty of keeping everyone in sync.
The solution is obvious: allow site owners to create multiple sub-users and give them fine grained control over the permissions they grant to those users. Unfortunately, it’s not a solution that cPanel, Parallels Plesk, or DirectAdmin have seen fit to implement. cPanel and DirectAdmin provide no facility for creating per-account sub-users and Plesk doesn’t allow site owners to create their own sub-users.
InterWorx has a more elegant solution to the problem of multi-user access and it’s one that conforms to the way sites are built and managed in the real world. InterWorx site owners can create multiple sub-users for each site and grant each only the permissions to use the parts of the InterWorx interface necessary to complete their tasks. Creating users is straightforward and assigning permissions is a simple matter of checking the relevant boxes.
Sub-users are a more secure way of handling multiple users than the solutions offered by other products, allowing site owners to manage their sites securely and efficiently, rather than forcing them to circumvent security best practices to carry out a task as simple as allowing a developer database access without allowing her full access to the site’s filesystem via the InterWorx file browser.
Sub-users are just one example of InterWorx’s thoughtful design philosophy. In the coming weeks, we’ll be highlighting further examples on this blog.