This example shows how Databunker Pro secures a CRM backend against malicious insiders, preventing unauthorized bulk data extraction and enforcing strict access controls, even even for privileged users.
Prevention of Data Theft: Stops malicious sales users from extracting the entire client database by enforcing granular access controls and data masking
Context-Aware Access Control: Uses request metadata to validate the context of each access request (e.g., client interaction context, approved reasons)
Data Masking: Ensures sales team members can only access specific fields they need (e.g., email), with all other data automatically masked
Audit Trail: Tracks all access attempts with their associated context for security monitoring
Configuration
✓ Connected to Databunker Pro⟳
Step 1: Create Groups and Roles
Create a leads group and necessary roles for sales team and leads.
Output (press on "Run" to see result):
Step 2: Create sales user
Create a user account for a sales team member.
Output (press on "Run" to see result):
Step 3: Add sales user to leads group
Add the sales user to the leads group with sales role.
Output (press on "Run" to see result):
Step 4: Create lead user
Create a lead user and automatically add them to the leads group with lead role.
Output:
Step 5: Initialize Bulk Operations
Get an unlock UUID token for bulk operations.
Output:
Step 6: List All Users in Leads Group
List all users in the leads group using the bulk operation.
Output:
Step 7: Create sales user policy
Create a policy that allows sales users to access lead information.
✱ Access is granted only to email address. All other fields will be masked.
Output:
Step 8: Create sales user access token
Create and save an access token for the sales user.
Output:
Step 9: Read lead user with sales token
Use the sales user's token to read lead user information.
✱ Access is granted only to email address. All other fields will be masked.
Output:
Step 10: Reset access token
Reset the API token back to the original admin token.