We appreciate you taking the time to vote and add your suggestions to make our products awesome! Your request will be submitted to the community for review and inclusion into the backlog.

We recommend reviewing what is submitted before posting, in case your idea has already been submitted by another community member. If it has been submitted, vote for that existing feature request (by clicking the up arrow) to increase its opportunity of being added to Cireson solutions.

For more information around feature requests in the Cireson Community click here.

Muliti-Tennancy / HIPPA Compliance via More Granular 'Analyst' Access to Portal Work Items.

Adrian_PaechAdrian_Paech Customer Advanced IT Monkey ✭✭✭

What I would like to see is the ability to add certain users into an AD group so that when these users access the system they will 'only' be granted analyst access to a ticket when the ticket is assigned to a support group they are a member of, otherwise it will only provide end-user access to the ticket.This would allow for better segregation between tickets, depending on your support group, and prevents end-users from seeing 'private notes', and other extended information unless the ticket is assigned to their support group.

Further to this, I would like to see the ability to mark a work item as 'sensitive'. And this would lock access to a work item, so that is can only be accessed by the assigned support group, no other end-users (except administrators) can access the ticket at all. This would assist with PII, PCI, HIPPA compliance etc.

If people have other ideas which may enhance this feature request, just sing out.

Cheers,

Adrian

16 votes

Submitted · Last Updated

Comments

  • Jason_MeyerJason_Meyer Customer Adept IT Monkey ✭✭
    Upvoted.  

    Just an opinion: I think you have to put the protection on the work item or ticket.  If you put the protection on the "Assigned To" or "Support Group" and the work item is assigned to an unprotected person or group the security is broken.  In my organization tickets are routed to many groups throughout it's life cycle.  Wondering if a check box on work items that says "Sensitive Information" and then only users in a security group that allow "Sensitive Information" views would solve this?
  • Adrian_PaechAdrian_Paech Customer Advanced IT Monkey ✭✭✭
    edited September 2017

    Thanks Jason,

    That's a great Idea,

    I agree that a Cireson Specified "Security Information Group" used for accessing sensitive work items makes perfect sense, rather than using the support group for filtering. Thanks for your input / amendment! :)

    Regards,

    Adrian

  • Mark_JonesMark_Jones Customer IT Monkey ✭
    Our situation may be similar.

    All of IT are members of the Cireson_Analyst group which currently are designated as the group to enter all work items. In the case of Change Requests, we have a handful of non-IT individuals that are technical support folks for their area and would like to have access to create CRs. At the same time, we do not want these folks to have access to all the IRs and SRs managed by the same AD group.

    I see the need - in our case - to be able to add a secondary group to which ever work item class we need to customize the selectivity of access. I supposed I can create a separate AD group to include the Cireson_Analysts adding in the individual's names just for CRs. I'm sure it's just me, but adding a secondary AD group to the 'AD Group With Access" field is more intuitive! :-D

    Thoughts?

    Regards,

    Mark
  • Conrad_ShealyConrad_Shealy Customer IT Monkey ✭
    I would also like to see this feature, the ability to block analysts from different business units from viewing the tickets that belong to other groups.  Such as IT users not being able to see HR tickets even though they are analysts in the portal.
  • David_Morris1David_Morris1 Member Advanced IT Monkey ✭✭✭
    Upvoted, the ability to have multiple levels of analyst/end user dependent on a particular value in the ticket such as support group would be great. with regards to segregation of tickets between different users can't this be handled with Queues within the console? i.e set up a Queue for all "Security" category incidents and only allow certain user groups to have views of that queue
Sign In or Register to comment.