/build/static/layout/Breadcrumb_cap_w.png

Ticket category security?

We want to use KACE to enter tickets centered around Peoplesoft.  However, we are worried about people having visibility into personal\sensitive data contained within the ticket.  Does anyone know if it is possible to create security around the ticket Category (or some other way) that would help us address this?


0 Comments   [ + ] Show comments

Answers (4)

Answer Summary:
Posted by: nshah 11 years ago
Red Belt
1

The short answer is, if anyone is a admin or ticket owner then can see any data on any ticket owned by anyone. There isn't that level of control yet in the kbox. 

Posted by: chucksteel 11 years ago
Red Belt
1

If you need to make a set of tickets more secure you will need to have them in their own queue at the very least. 

Posted by: Robbieb 11 years ago
Orange Belt
1

Thank you both for your answers.  Chucksteel, I didn't think about having a seperate qeue.  I may persue that idea.  -  Thanks again.

 


Comments:
  • Yes but remember someone with an admin or ticket owner can switch over to a queue and see tickets. - nshah 11 years ago
    • That's not entirely true. If they are a potential owner in the queue, then yes they can see the tickets, but just being an admin doesn't grant this. I have setup queues that I normally don't have access to, without making myself a potential owner. The trick is to make sure you uncheck the Grant read/edit permissions to users with an Admin role (admin portal only) option in the queue configuration.

      With that setup I can't get to the queue at all without changing the queue configuration, and I can only do that because I'm the KACE administrator. Since I'm not even a potential submitter in the queue it doesn't even show up on my list of queues. - chucksteel 11 years ago
  • Looks like you are 100% correct chucksteel but it also looks like you can do a all queues > active tickets and see the tickets that way. Also as i am still submitter, i was able to create a ticket and the test queue reappeared in my drop down again even with Grant read/write still unchecked. I removed myself from submitter but still can see tickets from the all queue > active tickets.

    I create a new queue
    gave it a different label as owner
    unchecked Grant read/edit permissions...

    It doesn't appear in m switch to queue but i can see all tickets and see the test ticket i created in the queue.

    is that the same for you? - nshah 11 years ago
    • This is a little weird. I can't see the tickets under All Queues, Active Tickets, but I can see them under All Queues, All Tickets. However, when I try to view any of the tickets I get a message saying that I don't have access to it. - chucksteel 11 years ago
  • It could be a process issues and certain things have to be done in certain steps. I will try again but I was able to view the ticket even though I wasn't an owner, and grant read/edit was taken away.

    another issue could be our box is almost pre 3.0 in version and has just been upgraded over the last 6 years. There could be some old stuff still lingering around that wasn't fully changed as we went from version to version. This is alittle far fetched but one never knows. - nshah 11 years ago
Posted by: GeekSoldier 11 years ago
Red Belt
1

Ultimately what nshah and chucksteel are getting atis you need to be very selective and careful about how you assign your user labels, and I've found that if you want to be more granular it does take more labels. The same goes for the different roles in the K1000. For the level of confidentiality you're looking to maintain it may be a trick to accomplish in the K1, but I think with what they've listed you'll have a great start.


Comments:
  • Thanks to all of you. I have been able to create a new queue called "people soft" and make it only visible to members of the people soft label. Under the user preferences section I unchecked the Allow all users as submitters optionand Restriced Submitters to the People Soft Users. I also Unchecked the "Grant read/edit permissions to users with an Admin role" check box so help desk staff, etc could not see the queue. I have a bit more testing to do but so far it seems to be working. Thank you for everyone's input. - Robbieb 11 years ago
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ