why you need permissions (granted) for your company

Throughout my entire career, I’ve heard the same response over and over when asking someone to update something: “I don’t want to break it, can you?” It’s this innate fear that has catapulted me into developing permission-based levels of access within the same system. Yep, I’m talking about admins, users, and guests.

While the concept of user-based permissions is nothing new, smaller businesses and companies just starting out don’t necessarily have the foresight to project how many departments or teams they will be overseeing. Beyond the amount of teams, it can be tough to understand whether or not each department needs access to the same silo of information.

Picture this: you have a solid team you’ve been building since day one. Everyone works off the same dataset (financials, forecasts, customer information, etc.) since you’ve all helped build it, and now you’re finally ready to hire an intern. When they start their first day, are you going to just grant this temporary employee access to all of the company’s data?

The method that’s helped most is a simple permission sort - a.k.a. manually going through each member of your team and understanding what information they need access to. It’s okay to have multiple silos; just keep reworking the list until you’re absolutely sure, and then probably check again.

While it seems harmless on the surface (“who cares if an intern has access to my information, they don’t even know how to use it!”), not having existing user permissions can really put you in a chokehold when you’re ready to scale. Knowing who’s in control of your data, and knowing how to filter what data goes to which team member, will only help your business grow.

An example of admin / user dashboard I've developed in notion