Recommended Access Control Settings

Thirty-One Circles access control system is designed to give you complete control over where your data flows and how it is used.

We recommend that you set up access to the platform using the “principle of least privilege” this is security terminology for only providing access to what users need rather than granting wider access for ease. The initial project creator is immediately granted Admin access. After this, every new user must have permissions assigned to them, allowing you to reflect on the required access.

For Project level permissions, generally, as you move from “Admin > User Admin > Connector Control > Audience Builder”, the number of users with that permission set should increase. It is worth reviewing your setup if you have more Admins than users with “Audience Builder” permissions.

For Customer Data Export Permissions, access is granted based on the consent given by the user. This way, it is possible to restrict users to only export data they need access to for their role.

“Automated” exports are much more secure than “Manual” as data is sent directly to the pre-built destinations (connectors), keeping the data on secure pipelines throughout.
“Manual” exports allow for the download of hashed email lists to the user’s computer (as long as this includes at least 100 users), which is useful if the data can’t be sent via an automatic route.

Our best practice is to only grant “Manual” exports to those who absolutely need them and remove them once this is no longer required, as this is less secure than the automated equivalents.

Matching Project and Export Permissions

Our final recommendation in this section is to grant flexibility and security by restricting as many users as possible to only “Audience Builder” and “Automated” exports. This allows for flexibility to create audiences on the fly while data moves only in a secure environment from a pre-allocated source to a pre-allocated destination. Consider everyone who needs more permission from this as an exception rather than the norm, and your account will remain more secure than granting everyone Admin.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Recommended Access Control Settings

More questions?