SFS Turbo supports now IAMs fine-grained policies functionality in EU-DE & EU-NL region. This allows to assign action-based access rights to users. Those individual rights supports e.g. that users may not be obliged to delete shares while the creation of shares is allowed. Usage of fine-grained policies allows implementation of least privilege principle and avoids that users are equipped with a wide-range of configuration options that may lead to enhanced challenges and damages in case of compromised accounts.
9 individual actions are available, that you can assign individually to your users & user groups. Actions can be granted as well as explicitly forbidden. The explicit prohibition prevents that users get access to a functionality through otherwise created policies. In addition, it is possible to link permissions with conditions. This allows you to implementthat certain actions can only be performed by users with e.g. active multi-factor authentication like the deletion of shares. All in all the usage of IAM fine grained policies will increase the security level of the whole infrastructure.