Scope under Role Management does not cover all sections of the management sections
under review
m
myr
When we create Roles we define the scope to which the user has access to. Each customer has scope to their group only. However when we give permissions under Roles we have found that one customer is able to see things from other customer. For e.g. if we enable Audit logs role for a customer account then that user is able to see the Audit logs of other customers also. We opened a support ticket and they came back saying that the scope does not affect all areas of the management sections. Below is the list.
It is VERY important that one customer does not see other customers information. This should be a top most priority in my opinion.
Dashboard:
Audit - covered
Compliance - is not covered
Valkyrie - is not covered
Reports - is not covered
Notifications - is not covered
Audit logs - is not covered
Devices:
Device list - covered
Bulk installation package - covered for the list of customers and device group
Users:
User list - is not covered
User groups - is not covered
Role management - is not covered
Configuration templates:
Profiles - is not covered
Alerts - is not covered
Procedures - is not covered
Monitors - is not covered
Data Loss prevention - is not covered
Network Management:
Discoveries - covered
Profiles - is not covered
Devices - covered
Monitors - is not covered
Application Store:
iOS Store - is not covered
Android Store - is not covered
Windows Application Store - is not covered
Applications:
Mobile Applications - is not covered
Patch Management - is not covered (covered for customers/groups tree only)
Global Software Inventory - is not covered (covered for customers/groups tree only)
Vulnerability Management - is not covered
Security:
Endpoint Security Status - covered
Security Events - covered
Blocked Threats - covered
Quarantined Threats - covered
Contained Threats - covered
HIPS Events - is not covered
Firewall Events - is not covered
Autorun Alerts - covered (besides counters)
File Rating - is not covered
File Verdicts - is not covered
Device Control - is not covered
Data Loss Prevention - covered
License Management:
License Management - is not covered (covered for the names of companies in Allocation tab)
Settings:
System Templates - is not covered
portal Set-Up - is not covered
Apple DEP - is not covered
Support - is not covered
Umut
Hi myr,
Thank you for reaching out to us and making really detailed request!
We have added this request to the roadmap. (#CS-54412)
Best regards,
Product Management Team
Umut
under review