Security Levels

New in Version 2021, XFRACAS now supports the use of security levels to restrict specified users from accessing certain incident, problem, project and CSI records within an entity. These levels are defined by an application admin based on your organization’s security policies.

If this feature has been implemented for a given record type, then all records of that type will contain one or more “security level” drop-down lists. An application admin defines the names of these lists and determines where they appear in the record — e.g., in an incident, they may appear in the System/Component Information, Incident Disposition, Incident Repair and/or Incident Details sections.

• To assign a security level to a new or existing record, select it from the drop-down list. Once the record is saved, it can only be accessed by users who have been assigned this security level.
• To allow users to retain their access to an existing record, simply leave the security level unselected (this is the default behavior).

Note that action and failure analysis records inherit the security level of the parent record (e.g., an incident action can only be accessed by those who can view the parent incident).

EXAMPLE
Let’s assume that security levels have been defined for your company’s three major geographic divisions — Eastern, Western and Central — for use in incidents. These levels appear in a drop-down list named Regions. In this case, selecting the Eastern option from the Regions drop-down will ensure that users from the other two divisions cannot access this record, nor can they access any actions or failure analysis records associated with the record.

How Security Levels Affect What’s Displayed

In most cases, you’ll only see links to records that you can access based on your personal security settings. Clicking a link to a record that you cannot access will trigger an error message.

• Reports only include links to records that you can access (applies to standard reports as well as custom reports that are based on standard reports).

Note: Reports are generated based on each user’s security settings; therefore, two users running the same report will see a different set of records if their security settings differ.

• Charts may include data for records that you cannot access, depending on the record type:
  • Incident, problem, project, and CSI charts are filtered to exclude any data you cannot access, but action and failure analysis charts will display aggregated data that includes records you do not have permission to view.
  • In either case, any records that you cannot access are always excluded from results when you drill down.
• E-mail alerts and the tasks list in the XFRACAS portal may contain links to records that you cannot access. Clicking one of these links .

In addition, certain fields will not be displayed if security levels are defined in the entity:

• The Make Public option, when you are saving reports and charts.
• The Enter E-mail Address Manually field in the Send E-mail utility.

Associated Files

Security settings also determine which records can be linked to another record via the Attachments utility. The following restrictions apply when you select XFRACAS ID from the Data Source Type drop-down list in the Associated Files dialog:

• You can only associate records that you have permission to view; if you try to link to a record that you cannot access, an error message will appear.
• The Incident Search dialog will only display records that you can access.