System variables, such as File Groups, allow custom naming which makes them easier to organize and document. Unfortunately we have discovered that within a single customer's system, we are able to view all File Groups that exist; even those we created for other customers. Depending on the naming of the file group, or even the file path necessary for the file group to be usable, this could pose a risk of untended data exfiltration between customers, remote identification by one customer of a potential vulnerability of another, and several other undesirable scenarios.

It would be a logical extension of the profile system to make System Variables a linked asset to profiles, and any form or field that pulls from these only has visibility of those that have been assigned to that device's combined profiles. This should allow flexible management of system variables without unnecessarily requiring recreation or duplication of all previously generated system variables. The default setting, or at least a temporary default for launch, could be “All” and then configuring the setting automatically would apply as a filter.

As a workaround, we have restricted access to XCS using the XCS Access Control profiles section to limit access to endpoint-accessible areas that can see File Groups, but this capability would still allow for cleaner configuration and documentation per-customer or per-profile.