Add a new idea Subscribe
Status Shipped
Categories Presentations
Created by Guest
Created on Dec 5, 2014

RELATED IDEAS

Control security of notebook sharing to system users only (admin level control)

Notebook sharing currently supports sharing with a password. However, here is a realistic corporate scenario:

  • A staff member receives a link to a notebook, with a password
  • The staff member leaves the organisation. The link and password are still active
  • Data is then available to someone to whom it should not be
  • In larger organisations, resetting passwords on shared notebooks will be an onerous task. 

This can be addressed more simply:

  • Admins can set a corporate security standard that all notebook sharing must have security; either password or system user based (perhaps even Aha role based)
  • When set and a notebook is shared, if system user based, when the user visits a link they will first have to enter their Aha username and password to view the page.
  • If the user leaves the organisation, their Aha account is deleted and they will be unable to access the link anymore - meanwhile other valid users who access the link will still have access.


  • Attach files
  • Guest
    Reply
    |     Aug 24, 2015

    Thanks Chris - You guys are too good and I should learn to read! ;)

  • Admin
    Chris Waters
    Reply
    |     Aug 24, 2015

    This feature was implemented based on Malcom's requirements. You can read about it: http://support.aha.io/hc/en-us/articles/204776015-Release-Notes-through-2015-04-08 and http://blog.aha.io/index.php/securely-share-your-visual-product-roadmap/ 

    You can lock down your notebooks so they can only be accessed by Aha! users from the products that you select.

  • Guest
    Reply
    |     Aug 24, 2015

    Hi Chris, we have this use case as well. We want to put an internal strategic roadmap and an ideas portal inside a web tab in our internal Salesforce app. Would be great if notebooks had access control similar to ideas portal.

  • Guest
    Reply
    |     Dec 5, 2014

    Thanks for the suggestion Chris. Thing is, I want to remove any options for my users to determine how to publish. Web publishing is really useful so don't want to lose that feature, but it needs to be under a much more highly controlled conditions to ensure strong data governance for confidential corporate data (e.g. product roadmaps).

  • Admin
    Chris Waters
    Reply
    |     Dec 5, 2014

    If you want to limit access to a notebook only to Aha! users you can add "Collaborators" to the notebook and not publish the notebook as a web page. Those collaborators will be able to see the notebook and download the PDF version of the notebook. There are two drawbacks with this approach: the collaborators will also be able to modify the notebook and they will not be able to see a web version of the notebook.