✏️ Explanatory Question
Use standard roles where possible.
Assign privileges via duties, not directly to roles.
Avoid modifying out-of-the-box elements; use extensions.
Use XDS policies for data-level restrictions.
Regularly audit user access for compliance and security.