Access Control Policy
- Renata Pereira Juraski
On this page you can find the process description of the opening, changes and removal of access to all systems used in Rocket.Chat, along with area or role specific platforms, the permission level rules and department responsible for each system.
A periodic review of privileges and accesses must be performed by each area responsible for the system.
Onboarding
The access control for the onboarding is facilitated by Jira templates with a list of the primary systems the new Rocketeer should receive access to. All invites are sent on a Wednesday that precedes the Rocketeers' first day.
The list includes platforms that are used by the entire company. Platforms of each area/department are under the direct manager's responsibility to release access to the new rocketeer by following the steps described here.
Rocketeers can also request access to other specific area platforms according to necessity during their time in Rocket.Chat - like Loom, Huspot, CRM, and Figma...by following the steps described here.
Permission levels listed as "User" refer to platforms where there are no specific level attributions, and users are simply created.
Platform | Who gets access | Permission levels | Who releases the access |
|---|---|---|---|
Google Workspace | Everyone | User | People Team |
open.rocket.chat | Everyone | User, Rocket.Chat Team | People Team, Leader adds to private area specific channels |
Jira | Everyone | User | Auto-Join (with RC email credentials) |
Zoho People | Everyone | "Admin" for C-level and specific roles who need management rights to certain areas of the app (i.g. People Analytics or FP&A), "Team incharge" for leaders, "Team member" for all other members | People Team |
Zoho Sign | Everyone | "Admin" for C-level and specific roles who need general access to documents (i.g. Onboarding specialist), "User" for all other members | People Team |
Zoho Survey | Everyone (only to the Rocket.Chat segment), HR team members to the HR segment | Rocket.Chat segment: "Admin" for C-level, "User" for all other members / HR segment: "Admin" for leaders and People & Culture, "User" for other team members | People Team |
Zoho Vault | Everyone | "Admin" for C-level, "User" for all other members | People Team |
Officevibe | Everyone | User | People Team |
TheOrg | Everyone | - | People Team |
Qulture.Rocks | Everyone | "Admin" only attributed to People Analytics and HR leaders responsible for maintaining the platform, module specific admin rights can be given to users, "Member" for all other users | People Team |
Zoho Desk | Support Team | - | People Team |
Zoho CRM | Sales, Presales and CSM Teams | Permission determined by the "Profile" and "Role" fields. Profile is related to the person's role in terms of sales ("Standard" if outside of sales). The Role "Data owner" is applied to people in sales and its related areas, otherwise the "Manager" role is applied | People Team |
GitHub | Engineering, Product and Community Teams | At the organization level, "Owner" level is assigned to founders and certain high-managers, while all other members have "Member" level. However, at the repository level, the team leaders responsible for each repo have "Admin" level | Engineering Team |
Figma | Design and Marketing Teams | "Admin" only for CEO and Design Leader, "Editor" level for design team and specific members of marketing team, "Viewer" for anyone from Rocket.Chat who needs access or outside guests participating in certain projects | Design Leader (also conducts monthly checks and removals of inactive members) |
Linkedin Sales Navigator | Sales Team | User | Revenue Operations |
Yesware | Sales Team | User | Revenue Operations |
Zoominfo | Noram Sales Team & SDRs | User | Revenue Operations |
Zoho Telephony | Sales Team | User | Revenue Operations |
Grammarly | Everyone that needs to write customer-facing e-mails or tickets | User | Revenue Operations |
Uber | Everyone that needs to take rides for the company | User | Finance Team |
Upwork | Everyone that needs to hire freelancers | Hiring: Source Talent Only | Finance Team |
Youtube | Everyone that needs to upload videos to Rocket.Chat's channel | Manager | Marketing Team |
Conta Azul | Finance Team | User | Finance Team |
Xero & Hubdoc | Finance Team | "Advisor" if the person needs full access to reconciliation and reports; Otherwise, "Standard" | Finance Team |
Stripe | Finance Team, RevOps Team, Support, Engineering and Product | "Analyst" for Finance and RevOps; "Developer" or "View Only" for Engineering and Product; "Support Specialist" for Support Team | Finance Team |
Google Ads | Marketing Team | Standard | Marketing Team |
Google Analytics | Marketing Team | Editor | Marketing Team |
Twitter Ads | Marketing Team | Ad Manager | Marketing Team |