New RBAC Roles Enable Secure and Scalable Incident Management Processes

At the heart of a tool like FireHydrant is the ease of mind that you get from automating your processes. Need to remind your responders to post updates to the status page? Set up a runbook step and it’s good to go. But in order to keep that process running smoothly, it’s important to know who exactly has access to update that process. Giving your team just the right level of access to your incident management tool is critical to maintaining that ease of mind and high-degree of confidence about your team responding to incidents.

And if you are building a secure and scalable incident management process for your organization, Role-Based Access Control is one of the most important tools that allows you to define and assign roles to individuals involved in incident response. It ensures that the right experts have the appropriate access to address incidents swiftly and effectively, and that all of your stakeholders have the right access to status pages, incident summaries, and retrospective reports.

Today, it’s even easier to set-up FireHydrant with a major update to our Role-based Access Controls. In addition to the two core roles that FireHydrant has always offered (Owner and Member), we’re introducing two new roles to help you give your team just the right level of access to the platform:

• Viewer: the new Viewer role allows you to grant view-only access to incidents in the FireHydrant platform. Just like unlicensed users, Viewers can join Slack channels and view status pages, but they can also log-in to FireHydrant to view incidents and the Service Catalog.

• Collaborator: the updated Collaborator role is designed for the majority of your users who are involved with responding to incidents but don’t need to manage anything about the process like Runbooks, Severities, or the Service Catalog. These users can have assigned roles in incidents, post updates and make edits on an incident.

Using these two new roles, you can now give your team members the appropriate access for their needs without worrying about changes to your core workflows and settoimgs. Access to important configuration like Runbooks, Incident Types, Service Catalog, and more, remain unchanged for your managers and admins in Owner and Member roles. Now, you can assemble the right teams for your incidents with confidence in the security of your data and, importantly, can rest easy that your well-defined processes will continue to guide Incident Responders towards resolving incidents quickly.

To get started with these new Roles, you can easily update individual roles in the FireHydrant web app or via your IDP using our SCIM API endpoint (docs). Read more about our roles here in our documentation.