User Security on Private Field Sites
At Catalyst, we understand and appreciate the importance of private field security.
With private field sites, the user permissions and roles can only be accessed by Catalyst, unless special permission is given to an outside individual or the partner managing the site.
User Limitations
User limitations include:
Folders: Public Folders are typically created on all sites. With private field sites, we recommend removing the Public Folders permission from all user roles. If you do want Public Folders on your site, it is important to inform the users that the names and the contents of the Public Folders will be visible to all users with access to the site. If a group of users does not have access to a collection, then the documents will not be accessible by that group, but they will still see the folder name.
To make a folder available to all people in your Security Group, create the folder at My Folders and then share the folder with everyone in the user list. Only the people in your Security Group will appear in the list of users with whom you can share the folder.
Search Fields: Fields available for searching will only include the fields of the Security Group to which a user belongs. If Party A has a field called “IssuesPartyA” and Party B has a field called “IssuesPartyB”, Party A cannot search the field called “IssuesPartyB”.
Jobs: Jobs can be configured to show only the jobs of the people who are in the same Security Group.
Bulk Printing/Export: Bulk Printing and Export will be configured so that the list of available fields for the separator page selection and export selection includes only public fields or the fields for which the user has permissions.
Coding History: The ViewDocHistory permission should only be available to users with rights to all Public Fields. If it were available to all users, then they would be able to see updates to records, and this would defeat the purpose of the private field security. Administrators should take care to remove the permission from the Roles.
Bulk Updating: Bulk Updating can be turned off completely, or restricted so that only fields associated with the user’s Security Group are available for that user to bulk update. Bulk update permissions have to be given to a user or group of users in Roles administration.
Redactions: Redactions made by any user will be visible to all users of the site. Redaction rights can be removed for all users to avoid this problem.
Batching: Documents can be batched by public fields or private fields.
Lookups: If you do not want lookup tables to be seen by administrators, Manage Lookups must either be turned off on the site or the permission must be taken away from all users.
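The sketch below is an added example, not Catalyst code: it audits a role export against the limitations listed above and reports each permission that would undermine private field security. The export layout, the sample roles and fields, and every permission name except ViewDocHistory are assumptions made for illustration.

```python
# Added example: audit a role export against the limitations listed above.
# The export layout and every permission name except ViewDocHistory are
# assumptions for illustration; they are not Catalyst's own format.

# Hypothetical permission names for rights the page says can be removed
# from roles on a private field site, with the exposure each one causes.
REMOVE_FROM_ALL = {
    "PublicFolders": "folder names and contents are visible to all site users",
    "Redact": "redactions are visible to all users of the site",
    "ManageLookups": "lookup tables can be seen through Manage Lookups",
}

def audit_roles(roles, public_fields):
    """Return a sorted list of (role, permission, reason) findings."""
    findings = []
    public = set(public_fields)
    for name, role in roles.items():
        perms = set(role.get("permissions", []))
        rights = set(role.get("field_rights", []))
        for perm, reason in REMOVE_FROM_ALL.items():
            if perm in perms:
                findings.append((name, perm, reason))
        # ViewDocHistory is acceptable only with rights to all public fields.
        missing = public - rights
        if "ViewDocHistory" in perms and missing:
            findings.append((name, "ViewDocHistory",
                             "coding history exposed without rights to: "
                             + ", ".join(sorted(missing))))
    return sorted(findings)

# Constructed sample data (not taken from a real site).
PUBLIC_FIELDS = ["DocDate", "Custodian"]
ROLES = {
    "PartyA-Reviewer": {"permissions": ["Search", "ViewDocHistory", "Redact"],
                        "field_rights": ["DocDate", "IssuesPartyA"]},
    "PartyB-Reviewer": {"permissions": ["Search", "BulkUpdate"],
                        "field_rights": ["DocDate", "Custodian", "IssuesPartyB"]},
    "SiteAdmin": {"permissions": ["ViewDocHistory", "ManageLookups"],
                  "field_rights": ["DocDate", "Custodian"]},
}

if __name__ == "__main__":
    for role, perm, reason in audit_roles(ROLES, PUBLIC_FIELDS):
        print(f"{role}: remove {perm} ({reason})")
```

Running the check after every change in Roles administration catches a permission that was added back to a role by mistake.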