From fixed roles to flexible permissioning
Table of Contents
In life, you play many roles: colleague, football coach, or parent. But in software, there used to be only one role that mattered: user, or better still, superuser.
For a long time, access rights were simple. You were an admin, a user, or maybe a superuser. Each role came with a fixed set of permissions. Clear enough, but once teams grew, it stopped working. People needed different kinds of access. Some only had to view data, others to edit or approve it. Traditional roles could not keep up. Luckily, that has changed. We have moved from fixed roles in the past to flexible permissioning today.
Building roles that fit
Modern permissioning systems let organisations create their own roles. Each one can be tailored to what a team or function actually needs. Just as important, it ensures that users cannot view or edit things they are not allowed to.
You might give someone rights to manage users but not change data structures. Another person can edit market data but not publish it. Or you can create a “four-eyes” process where one person makes changes and another approves them.
Operations teams, developers and market data managers can all shape roles that fit their responsibilities. The principle is simple: permissions should follow how work is done, not define it.
From flexible permissioning to authorisation
Flexible permissioning defines what someone can do inside a Market Data Platform. Authorisation controls what happens with the data itself. It determines which receiving party may use specific datasets and under what conditions.
A user with the right permission can manage these authorisations, for example by deciding which receiving parties may receive certain market data attributes. Keeping permissioning and data authorisation separate gives organisations both flexibility and control.
Secure access
Modern systems combine identity management and login in one secure setup. Organisations can connect their own identity environments and manage users centrally.
To keep that access safe, it is important to include features such as universal login, single sign-on, multifactor authentication, passwordless login and machine-to-machine communication. Together, these bring enterprise-level security without unnecessary complexity.
Confidence through flexibility
Flexible permissioning gives organisations control without complexity. It brings structure, keeps people moving, and makes compliance easier to demonstrate. For financial institutions, it is vital to know who can do what and where market data can go, ensuring that systems follow the mandates of market data vendors. Whether you manage authorisations yourself or let BIQH do it as part of a managed service, what matters is that access is secure and fully compliant.
In the end, it is about confidence that everyone has the right access. No more. No less.
Want to know more? Get in touch with us or download our factsheet.
