Below are some recommended best practices concerning granting admin access:
1. There is no limit to how many admins your site can have
Every VolunteerHub contract contains a maximum number of Active Users a site can have. An Active User is defined as an account which has registered for an event within the past 12 months. Assuming all of your admins are only utilizing your site for administrative reasons, those accounts would not count towards your limit. This means there is no monetary reason to use shared accounts and only leads to a less secure site.
2. Do not use shared admin accounts
As defined above, there is no monetary benefit to sharing admin accounts, but also having shared admin access makes it more difficult to remove access once someone is no longer with your organization.
3. Remove admin access once someone leaves the organization
Once someone leaves your organization, part of the exit process should be to remove their admin access to VolunteerHub. This is done simply by removing them from the user group which was granting them this access. Every VolunteerHub site has a 'Superusers' User Group, which grants full admin access, but if your site has the Advanced Permissions module your site may have other User Groups which grant limited admin access.
4. Conduct a periodic audit of your admins
It is recommended to routinely check your Superuser and other admin groups to ensure all users with admin access are people who need that level of access.
5. Create limited admin groups
If your site has the Advanced Permissions module, you can create an unlimited number of admin groups, tailored to the exact permissions needed. Ensuring that each admin only has access to the features, settings, events, and users they truly need access to is both more secure and easier for the limited admin--this ensure they only have access to things they would want to actually access.
Unsure what admin groups your site may have? Support can assist with identifying which groups have administrative permissions.