Access Control Policy

1. Purpose

The purpose of this policy is to establish a secure framework for managing access to the WTD environment. This ensures that sensitive financial data and system resources are protected against unauthorized access through consistent and documented management practices.

2. Scope

This policy governs all access to the application’s production environment, including the user interface, backend APIs (including Plaid integration), database systems, and host infrastructure.

3. Principles of Access Control

• Principle of Least Privilege (PoLP): Users and system processes are granted only the minimum levels of access necessary to perform their functions.
• Role-Based Access Control (RBAC): Access rights are grouped by roles to ensure consistency and ease of auditing.
• Accountability: All access is tied to unique, individual credentials. Shared accounts are strictly prohibited.

4. Defined Roles

5. Access Management Procedures

5.1 Provisioning and Modification

New access requests are manually reviewed and provisioned by the Administrator. Access levels are reviewed whenever a user’s role changes to ensure they remain within the scope of Least Privilege.

5.2 Revocation

Access is revoked immediately (within 24 hours) upon a user no longer requiring the service, or in the event of a suspected security incident or lost device with admin privileges.

6. Technical Safeguards

• Multi-Factor Authentication (MFA): Enforced for all Administrative access and access to the Plaid developer dashboard.
• Password Standards: Minimum complexity requirements are enforced for all user accounts.
• Infrastructure: Host access is restricted to the Administrator via encrypted SSH keys.
• Hardware: Admin has and uses yubikey hardware OTP in addition to the above.

7. Policy Review

This document is reviewed annually to adapt to evolving security requirements and to ensure ongoing compliance with industry standards.