Secure Your Project Insight Data with Permissions
Questions about this training? We've got answers! Post your questions here.
Audience
Project Insight administrators
Description
Project Insight combines robust permissions with ease of use. If you are a Project Insight administrator, user manager or project manager, you should understand how to implement powerful permissions. Learn how to use Project Insight's powerful permissions and security features to provide the proper access levels to team members. Whether a team member is an internal employee, client, vendor, partner or sub-contractors, give them access to data pertinent to each.
Benefits
- Learn how to add team members, groups of users and organizations to your system
- Understand the types of permissions and how and when to deploy them
- Use permissions and roles with confidence
Key Points
Project Insight offers robust permissions that you can use to assure that your team members have access to the right information at the right time. Roles and permissions also make sure you limit information when needed to secure your data.
Permissions can be set at almost any level and on any entity in Project Insight. For example, they can be set on a folder, a project or even a task or issue.
The permissions that you can set on an entity are the industry standards read, add, change and delete.
Item Permissions
Folders are the most common place to set permissions. Visit the Edit Folders and Navigation option in the System Administration page. Check out the edit icon in the top right corner and click on the Permissions tab.
This same format is used for setting permissions for all entity types.
Add companies, groups and users
Grant permission on an entity by Company, Group or User
- For example, you can set up a company and give the users associated with that company access to the folder or entity
- Or you can define a group and give members of that group access to the folder
- Or you can give an individual user access to the folder
Once you select a company, group or user to set permissions by, then you can say whether that company, group or user has read, add content, change or delete access.
For example, there will always be a Group called All Authenticated Users and any user in that group has read, add content, change and delete permissions on this folder.
Companies
From the Administration section, click on Companies to see a list of the companies that are already setup in Project Insight.
These Companies will include your own company, but it may also include customers, vendors or contractors, or any organization you might collaborate with on projects.
You may have a contract with a company that provides consultants that do work on your projects. You may want to give those consultants access to Project Insight so they can see a list of their tasks and update the status. However, you may not want the consultants to see any other projects than what they are scheduled to work on nor do you want them to see your internal team or teams from any other organizations.
To setup those kinds of permissions at the company level, you must have Permission Assignment Enabled for that Company.
See the column called Permission Assignment Enabled:
If you see “Yes” in this column, then for an item, you are able to select that company and set permissions for that organization.
You may toggle the Permission Assignment Enabled option to “No” for a variety of reasons. “Company” is used for other function in Project Insight other than just permissions. For example, they may also be used to designate who a project is being performed for and for rolling up reports by company or organization.
If Companies are used for those other purposes and there are no active users assigned, then you may not want permissions assignment enabled.
If you navigate to Grant Permissions By set to Company, it will show only the Companies that have that option checked to yes.
Groups
The next level you may set permissions for is a group.
In the Administration section, click on Groups.
Whereas companies have multiple purposes in Project Insight, groups are primarily used for setting permissions and it is the most common way of setting permissions.
If you have ever managed permissions at an operating system level, you may recognize this as a standard way to set permissions.
You may want set permissions at a group level versus a company level because a team member can belong to more than one group, but a team member can only belong to one company.
If you play different roles for the organization, you can be assigned to more than one group. Also, it is a best practice to use groups rather than permissions by user as you can join members to groups or remove them without changing your permissions each time.
You can add a new group by typing in the gray line, and hit save. That easy.
To add users to that group, click the Users icon.
On the left side, it shows all the available users in the system and the box on the right side, shows the user of the group.
Double click on a user name to add that user to the group.
Click Save to save it.
Two groups that have special functions in Project Insight are the All Authenticated Users group and the System Administrators group. By default, every user in the system belongs to All Authenticated Users. And those users set as System Administrators are in the System Administrators group. You cannot change these default groups or add or remove users.
Users
Setting up permissions by company or by group is the recommended best practice. This makes it easy to maintain and monitor.
Although, you can set permissions by individual user, we do not recommend it, unless there is a very good exception. It is easier to setup a group and maintain permissions at that level and it reduces the chances for errors and setting of wrong permissions that could occur if you’re doing it by individuals.
Comments
0 comments
Please sign in to leave a comment.