About Security Details

Starting in Version 2021, you can restrict certain users from accessing incidents, problems, projects and CSIs, along with any actions and/or failure analyses that are associated with these parent records.

Access is controlled via a “security detail” that can be created for a given record type and then assigned to individual users or security groups. When someone creates an incident, problem, project or CSI record, they can specify a security level; only users who have been assigned that level will be able to view that record.

In order to restrict access to certain records from unauthorized users, you’ll need to complete three main steps:

1. Create a security detail.

2. Assign security levels to individual users or to security groups.

3. Assign security levels to records.

Note: See the Security Levels topic in the user help for more information about how this feature is implemented.

Disabled Fields

To ensure that records cannot be accessed by those without the required permissions, certain fields will not be displayed if security details have been implemented for the entity. These fields include:

  • The Make Public check box, which appears in the following places:
    • Save Report dialog when saving a report or chart in the Report Builder. (See Saving Reports and Charts in the user help.)
    • Save Dashboard Layout dialog when saving a dashboard in the Dashboard Designer (See Dashboard and Designer in the user help.)
  • The Enter E-mail Address field, which appears in the Send E-mail dialog when a user selects the manual entry option (the drop-down list will be populated only with users who have permission to view the record). (See Send E-mail Utility in the user help.)

Attachments

Uploaded file attachments that are stored in a folder outside of the database are no longer accessible via a direct URL; instead, they are downloaded securely when users click the attachment link. (See Attachments in the user help.) Additionally, checks are performed to only allow access to users who have the required security level for the parent record.