Marketing Cloud provides a 3-layered security to the instance:
– General Security Settings
– Access control through Business Units
– Access control through User roles and permissions
General Security Settings
– Session timeout
– Login IP whitelisting and restrictions
– Verification Code settings
– Audit Logging
More details on General Security Settings in Marketing Cloud.
Access control through Business Units
After setting up the security settings that controls sessions, allowed login IPs etc. You can control the access of data by creating separate Business Units. Here is a scenario, your company works in two different verticals (say manufacturing and services). The marketing team has members who works exclusively for one of the verticals. The heads decided to restrict the access of Manufacturing marketing emails, records and designs from the marketers from Services team. Here you can create 2 Business Units, one for each vertical.
Business Unit is a way to branch out your marketing data into separate Marketing Cloud accounts. These accounts are accessible with same credentials and have common backend database i.e. the Subscriber list is common.
Access control through User roles and permissions
- User Roles and Permissions allow control over the Studios and Builders and the ability to create, edit, delete and view an asset.
- A User can have different roles and permissions in different Business Units.