Jump to content

Restricting who can see the information in a particular call

Lynne Aldridge

By Lynne Aldridge
in Service Manager

 Share

Recommended Posts

Steve Giller Grand Master

Steve Giller

Posted
Posted

It's not completely clear what you're asking, can you clarify a little?

At the basic level, only Teams who Support a Service can view its Requests, so the simplest answer here is to ensure that only Teams you want to see the sensitive information support the Services that these Requests will be raised against.
There is also the Visibility setting on Updates, which can restrict the post to Team or Owner if required.

Link to comment
Share on other sites
Berto2002 Veteran

Berto2002

Posted
Posted

@Lynne Aldridge

One of the bits Steve mentioned is the Service Portfolio; you can set the "Supporting Teams" and only people in those teams will be able to see the Requests. Everyone else without admin access gets to see "You are not authorised to view this request" error message. Your Subscribers controls who can log a Request for that Service

Take care though, Request data is available through the Reporting Engine so when we implemented our Councillor Case Management solution, we needed to pull-back all our Reporting access to sys admins only. We also, by default, have every BPM set a custom field integer flag (custom 28) as either 0 (not restricted), 1 (Councillor-restricted) or 2 (HR) and every report with Request data also filters on that custom field to either include or exclude such Requests; so we don't get leaks of the data or metadata from confidential Requests.

image.thumb.png.3efcba39c7b4b3976503f585a8ad2168.png

Link to comment
Share on other sites
Sam P Proficient

Sam P

Posted
Posted
On 7/4/2023 at 3:37 PM, Berto2002 said:

We also, by default, have every BPM set a custom field integer flag (custom 28) as either 0 (not restricted), 1 (Councillor-restricted) or 2 (HR) and every report with Request data also filters on that custom field to either include or exclude such Requests; so we don't get leaks of the data or metadata from confidential Requests.

This is a great tip which I'll save for when we bring HR online to our instance. Thank you @Berto2002

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...