Identity & Access Management
Identity & Access Management: Define Permissions, Secure Your Data!
Digitize Identity & Access Management on Cheetah Platform. Use data restriction to ensure sensitive information is accessible only by authorized personnel.
Identity and Access Management · Data Restriction
ROLE-BASED PERMISSION MATRIX
View
Edit
Delete
Export
System Administrator
All modules · Full access
Operations Manager
Department data · Restricted
Field Technician
Assigned tasks · Read-only
DATA ACCESS RESTRICTIONS
Financial Reports
CFO & Management Only
Customer Personal Data
Authorized Departments
General Operation Data
All Users
100%
Data Isolation
∞
Restriction Rules
GDPR
Compliant
Identity & Access Management
Problem & Solution
CURRENT STATE
Sensitive data is visible to everyone; high risk of leaks.
No visibility into who is accessing what data.
Security gaps persist when former employees retain access.
Unanswered questions during KVKK/GDPR audits.
Cross-departmental access compromises data integrity.
CHEETAH İLE
Identity & Access Management
Users only see data defined by their specific roles.
All access movements are logged with timestamps.
All access is cut immediately when a user is deactivated.
Full access history is available as ready-to-use reports for compliance.
Department and group-based isolation prevents unauthorized cross-access.
SPIDYA Software
Access Control Models
Role-Based Access Control (RBAC)
Users are assigned to predefined roles, and data access rights are determined based on these roles. Standard role templates such as Administrator, Technician, or Read-Only are utilized. It is the fundamental building block of corporate Identity & Access Management.
- RBAC · The Most Common Model
Attribute-Based Access Control (ABAC)
Dynamic access rules are defined based on user attributes such as department, location, or project position. It provides flexibility for complex structures where standard roles are insufficient. Rules like "A user in Position Y within Department X can view Data Z" can be configured.
- ABAC · Dynamic Rules
Benefits & Features
How Data Restriction
Empowers Your Operations
Data Security & Leak Prevention
With Identity & Access Management, every user sees only the data they are authorized to access. Internal data leaks, unauthorized access, and accidental data sharing are prevented at the architectural level.
Data Leak Prevention (DLP)
Compliance & Audit Readiness
All access movements are tracked with timestamped logs. During audits, questions like “who accessed what and when” are instantly answered with ready-to-use reports.
GDPR, KVKK & ISO 27001 Compliance
Operational Efficiency
Effective Identity & Access Management boosts team productivity—users get instant access to the data they need and don’t waste time with irrelevant information.
Identity Lifecycle Management
Step by Step
How It Works?
Define Roles
Create roles tailored to your organizational structure. Define distinct access profiles for every role—Administrator, Manager, Operator, or Read-Only.
Set Restrictions
Specify exactly which data can be viewed and which actions can be performed for each specific role.
Assign Users
Assign users to their respective roles. Automated assignment via AD (Active Directory) or Google Integration is also supported. All changes take effect instantly.
Monitor & Report
All access movements are logged in real-time. Ready-to-use audit reports are generated automatically, and alerts are sent for any unauthorized access attempts.
Use Cases
Who Uses Identity & Access Management?
CISO / Security Team
Data Security & Compliance
During the compliance audit, I reported exactly who accessed what in just minutes. Thanks to Identity & Access Management, every movement is logged and sensitive data stays only with authorized users. The risk of stale or open accounts is now zero.
Strengthened Compliance
IT Manager
User Lifecycle Management
When a departing employee is deactivated in AD, their access is instantly revoked in Cheetah as well. During onboarding, assigning a role automatically determines exactly what data the new hire can access. Zero manual intervention required.
Automated Identity Lifecycle
Holdings & Multi-Brand Structures
Departmental Data Isolation
We manage 10 different brands, each with its own customer data. With Data Restriction, no brand can see another’s data. Full isolation on a single platform—this was exactly what we needed.
Cross-Access Completely Prevented
SPIDYA
Cheetah Low - Code Features
Turn your processes into products and applications in no time with the features of the Cheetah Low-Code Development Platform!
F.A.Q
Frequently Asked Questions
What is Identity & Access Management (IAM)?
Identity & Access Management (IAM) is a security discipline that defines and controls who can access specific data, screens, and actions within a platform. Its core components include authenticating user identities, managing access rights, and monitoring all access activities.
How does data restriction work with RBAC?
With Role-Based Access Control (RBAC), users are assigned to predefined roles. Each role determines which data can be viewed, edited, or exported. When a user’s role changes, their access rights are automatically updated.
What does row and column-level restriction mean?
With row-level restriction, a user can only see records belonging to their own customers or assigned projects. With column-level restriction, sensitive fields such as salary information or ID numbers are hidden from specific roles. Two users with different roles using the same screen can see entirely different datasets.
How does IAM support KVKK/GDPR compliance?
Under data protection regulations (like KVKK or GDPR), access to personal data must be controlled and access logs must be maintained. Cheetah’s data restriction module records all access movements with timestamps, reports who accessed sensitive data, and supports the principle of data minimization. Ready-to-use reports are provided for audits.
How is access revoked when a user leaves the company?
If AD or Google integration is active, access is instantly revoked in Cheetah Platform as soon as the user is deactivated in the directory. For manual deactivation, a single click is sufficient. Even after access is closed, historical activities continue to be stored in the log records.
How many different access rules can be defined?
Access rules can be created based on department, position, location, project, or any customized criteria. RBAC roles and ABAC (Attribute-Based) rules can be used together. Completely independent access policies can be defined for different organizations or sub-brands.
How long are access logs stored?
The retention period for access logs can be configured according to organizational policies and legal requirements. Under data protection laws, it is mandatory to store personal data processing logs for the legally required duration.
Contact Us
Carry Your Business Processes into the Future with Digital Transformation!
Contact us for digital solutions tailored to your business processes.
Let us analyze your needs and create a clear roadmap.
Let us analyze your needs and create a clear roadmap.