Questions about using Queues to restrict workitems
We are currently extending our Service Catalog to HR and Finance and we have some concern about sensible data that the tickets may contains. I watched the recent webinar “How to Extend Your Service Catalog to Other Departments” and during the demo, this was addressed using Queues and User Role.
Ideally, I want to restrict IT tickets to the HR team and HR tickets to IT (or simply just restricting HR tickets to any other analyst).
In my test environment, I created a queue for “SR SupportGroup is HR” and another for “SR SupportGroup is not HR”, assigned those to User Roles. I also had to remove the “All work items can be accessed” to any other user role to make this work. Then everything worked as I wanted for Service Requests but now no one has any access to the other types of work items and the end users does not have any access to even their own tickets on the portal.
Does that mean I have to create a Queue for any other work item classes (All CR, All IR…)? That seems to add lot workflows for so little. Is there a more efficient way?
For the end users, if I give them access to the queues, all analysts will also be grated access to the queues. Other than having a “non-analysts” group, how do you manage that?
To anyone that uses Queues in their environment to scope Work Items permission, did you see any performance hit after implementing this? Did you see any other performance or usage impact?