Service Desk Practitioners Forum
cancel
Showing results for 
Search instead for 
Did you mean: 

isolating Service Calls

Highlighted
Saxo-JFE
Super Collector

isolating Service Calls

Our Security Dept is using Service Desk and want to use Service Calls as a way of logging all Security related issues (you could call them incidents, but well)
Because of the nature of those service calls, there might be confidential informtion that only security is allowed to see.

Is there a way of isolating such service calls so that they are only visible to security?

I was thinking about using a specific role and then i am not sure how to continue as special views/templates do not seem to isolate the records (still can be searched and opened)

any suggestions?

I will need suggestions for both SD4.5 (this one is more important) and SC6.2

thanks in advance
6 REPLIES
Mark O'Loughlin
Honored Contributor

Re: isolating Service Calls

Hi,

set up a folder. Onle assign rights to the folder to security tem. You can also assign them other roles as well for default access.

Have a rule set the folder to secuity when they set say "Category" or a similar field to "Security Incident".
Saxo-JFE
Super Collector

Re: isolating Service Calls

Thanks

SO far this is what we have.

- an email enabled Service Call template.
- The Service call template fills in automatically the folder we created for this.
- a role which is the one to have access to see the Service Calls in that folder

But we are not able to give this role the permission to see this folder. Or the other roles the persmission to see everything, except this specific folder

If it is of any help, we have never used folders and this is the first one that has been created

Thanks and rgs,
Mark O'Loughlin
Honored Contributor

Re: isolating Service Calls

Hi,

I don't see the problem. Create a role for the secutity folder access. Only assign access rights for the role against the security folder. Only assign the role to the people that will deal with the security issues.

Be sure to assign the permissions for view and edit etc. at the folder level and not at the root level.

After you created the folder, check the other roles and make any roles that provided access at the root level are changed to provide access at the folder level.

You will need at a minimun 2 folders. One for security calls and ond for the other "general" calls .
Saxo-JFE
Super Collector

Re: isolating Service Calls

thanks, it must be the fact that i only have one folder then, because as it is now, i can't even assign permissions or access to folders (I just don't see that option)
Saxo-JFE
Super Collector

Re: isolating Service Calls

By the way, any idea on how can this be done in ServiceCenter 6.2?

Thanks
Jonathon Druce
Honored Contributor

Re: isolating Service Calls

You need to enable folder entitlements. Do this from the System panel - General settings. Then when you look at roles you will see that there are now folders for each of the items. One thing to note is that permissons on the root are inherited to the child folders. Therefore you will need to create 2 folders - 1 for security and one for "others" and then update all existing Service Calls so that the "Folder" attribute is set to the "Other" folder. Then change all non security roles so that they don't have root permission to Service Calls - only to the "other" folder. Then change the security role appropriate access to the security folder.

This is functionality is also available in SC6.2 but is called Mandentan. Effectively you add a query expression to the mandenten group that is appended to all queries that they run. For example you may create a group that for Interactions any access has a query added to it "and attribute is not 'Security' (where attribute is where you indicate what type it is.

Be also aware that in Service Desk 4.5 the servicedesk account can still see any data - as can anyone with the admin role. The folder restrictions are not applied if you use an ODBC connection to look at the data.

Apparently Service Manager 7.x will have both the Mandentan and Folders.

Have fun and good luck.
//Add this to "OnDomLoad" event