We are planning on going into an accelerated growth mode with some newly found investment capitol, and are concerned there is no per account security with the CommitCRM desktop client. As security needs become more important every day with proactive controlled access to which employees have access to which user accounts, it seems this basic feature is still missing. Are there any solid plans for future releases to enhance the security for accounts on a group or individual level? It seems an oversight to allow full access to all accounts for any new hire added to CommitCRM. We work with highly confidential information concerning login information for medical offices and legal offices. Security best practices dictate that we have better control over who has access to what accounts, and having only been with CommitCRM for a year we are finding ourselves at a decision point in regards to enhancements in this area. Competitors have feature available, and limiting our staff to web access only to control the security is not a viable option.
Announcement
Collapse
No announcement yet.
Security concerns - again
Collapse
X
-
racassel
- 201
Security concerns - again
-
Support Team
- 7558
Re: Security concerns - again
RangerMSP includes many options to select which privileges each user/employee have (here) - e.g. what they can and cannot do within a RangerMSP session. In addition, when working with external staff (e.g. subcontractors) you can allow them access to the system via the Web interface and limit their activity to specific account or accounts you want to provide them with access to.
When considering this with the many other things on our list I would say that at this point we do not have any near future plans to invest many resources in adding new features to further limit internal employees. However, we will probably continue to increase the various employee privileges options you have control over (please the link above) just like we have with almost any recent release.
Thank you for asking.
-
nattivillin
- 1146
Re: Security concerns - again
We want to limit access when using the client as well. Is this possible?
Comment
-
Support Team
- 7558
Re: Security concerns - again
The Web interface supports this and you can select exactly which account/s the user (usually a subcontractor) can see/manage. The Windows client that runs on your local network does not support this option, however, it does support (so is the Web interface) many different user privileges settings.
Comment
-
nattivillin
- 1146
Re: Security concerns - again
No offense but the web interface is 25% of what the client is. Nobody wants to use that unless they have to.
We use it now for our subs, because we have to, but we still have to spend time going in and making entries they cant with the web interface.
Instead of saving time, it costs time.
Comment
-
Support Team
- 7558
Re: Security concerns - again
No offense taken, while the Windows client does offer more - the Web interface is far from offering only 25%... but lets leave this aside. The additional features offered by the Windows client are usually advanced ones, usually not intended for the non-privileged employees you are referring to here (though I can think of some exceptions). In any case, thanks for your feedback. As stated above we currently do not have plans to support limiting accounts within the Windows client application. It is supported for the Web interface. We may revisit this in the future. Thanks again.
Comment
-
racassel
- 201
Re: Security concerns - again
For consideration, an easy way to add it in a future release would be to
"Limit Access to Records Where Field _________ Contains ____________"
On Logging into Commit, the filter automatically applied, and the restricted employee could only see those records..... easy enough????
I am sure many CommitCRM owners with more than a few employees would find this a highly valuable improvement. It potentially could be a strong selling point for CommitCRM to add this option to the feature list. I almost passed on CommitCRM because of this one missing feature, but the price of the product for the value provided won me over.... I feel good about my purchase, but it would not be worth the savings the client information I've worked so hard to acquire over the years were breached by a new employee.....
Comment
-
AN-Tech
- 478
Re: Security concerns - again
Would also be useful to restrict certain tabs or fields. We don't have a need to restrict employees access to certain clients but would definitely benefit from being able to keep certain employees from the notes tab or a custom tab used for client passwords and such.
Comment
Comment