Access Control Policy
1. Purpose
Define requirements for granting, reviewing and revoking access to Clerk.io information assets.
2. Principles
- Least Privilege – users receive the minimum access necessary.
- Need-to-Know – data access aligns with job role.
- Segregation of Duties – no single person can deploy unreviewed code to production.
- Timely Revocation – accounts disabled within 24 h of termination.
3. Account Types
| Type | Examples | Approval |
| --- | --- | --- |
| Workforce (SSO) | Google Workspace, Slack, GitHub | Line Manager + ISM |
| Privileged | AWS IAM, DB admin | CTO + ISM |
| Service Accounts | CI/CD robots, API tokens | System Owner + ISM |
4. Authentication Requirements
- SSO via Google Workspace with MFA (FIDO2 key preferred).
- Passwords ≥ 12 chars, random, rotated yearly.
- Service account keys rotated every 90 days.
5. Access Request & Approval
- Submit ticket in Jira Security queue.
- Manager justifies business need.
- ISM reviews for conflicts.
- Upon approval, access granted by SRE; ticket closed.
6. Reviews
- Bi-monthly (every 2 months) automated access reports distributed to owners.
- Privileged roles reviewed bi-monthly (every 2 months).
7. Revocation
HR off-boarding triggers the removal workflow:
- Disable SSO account.
- Revoke tokens, GitHub access, VPN certificates.
- Collect hardware.
8. Exceptions
Temporary elevated access (sudo, AWS IAM) may be granted for a maximum of 8 h via JIT tooling; it auto-expires.
9. Monitoring
Login events are forwarded to SIEM. Anomalous patterns generate Better Stack alerts.
10. Compliance
Non-compliance reported to ISM; disciplinary action possible.
Version 1.0 — effective 2025-07-01