Is there any other way I can restrict Knowledge Base articles to a specific group - aside from the 'Can Read' and 'Cannot Read' fields

Go to solution
Hola Ola
Giga Guru

‎04-22-2022 09:21 AM

Hello all,

I am aware of the 'Can Read' and 'Cannot Read' fields that can be added to the KB form - which I have demo'd to my customer and he doesn't want/like.

Below is the specific requirement from the customer: 

"I would like to upload articles to the KB section of ServiceNow for business continuity and sharing of network information across his team. As all IT work is supposed to be completed in SNow, I would like to store documentation in the KB section rather than network drives, team sites, etc. I would like to have a "bucket" within the KB section that is locked down to required personnel for security reasons. Is this something SNow will allow without requiring permissions on each KB article created? i.e. can a KB section be locked down for permissions just like a directory on a server?"

 

Thank you for any recommendation.

0 Helpfuls
  • 2,793 Views
1 ACCEPTED SOLUTION

Go to solution
Filipe Cruz
Kilo Sage
Kilo Sage

‎04-22-2022 09:50 AM

Hello Hola,

You have multiple options:

1) Create a specific Knowledge base that will be used only to store those articles realted with business continuity. You can then create a User Criteria to grant read permissions on that knowledge base to users belonging to a specific group;

2) Put the articles in the same knowledge as other articles and manage the Can Read field. You mentioned that your customer does not like this solution, but it is a fairly easy and secure way to manage the access to specific records.

3) Create a specific read ACL that will restrict read permissions on articles from a specific category for a specific group.
NOTE: setting up ACLs with user criteria can end up with strange behaviors. Avoid using ACLs with usage records.

If I was the one choosing, I would go for option 1.
in option 1 you select the users that will have access to the entire knowledge base. That gives a very good level of protection/security and at the same time creates a logical separation from other knowledge bases.

Hope my post provides you with more information to take a good decision.

Please, don't forget to mark my answer as correct if it solves your issue or mark it as helpful if it is relevant for you!

Best Regards,

Filipe Cruz

View solution in original post

4 REPLIES 4

Go to solution
Filipe Cruz
Kilo Sage
Kilo Sage

‎04-22-2022 09:50 AM

Hello Hola,

You have multiple options:

1) Create a specific Knowledge base that will be used only to store those articles realted with business continuity. You can then create a User Criteria to grant read permissions on that knowledge base to users belonging to a specific group;

2) Put the articles in the same knowledge as other articles and manage the Can Read field. You mentioned that your customer does not like this solution, but it is a fairly easy and secure way to manage the access to specific records.

3) Create a specific read ACL that will restrict read permissions on articles from a specific category for a specific group.
NOTE: setting up ACLs with user criteria can end up with strange behaviors. Avoid using ACLs with usage records.

If I was the one choosing, I would go for option 1.
in option 1 you select the users that will have access to the entire knowledge base. That gives a very good level of protection/security and at the same time creates a logical separation from other knowledge bases.

Hope my post provides you with more information to take a good decision.

Please, don't forget to mark my answer as correct if it solves your issue or mark it as helpful if it is relevant for you!

Best Regards,

Filipe Cruz

Go to solution
Val K
Tera Contributor

‎11-18-2022 07:21 AM

for #2, are you meaning to use the Can Read field on the individual articles or some other magic on the knowledge base Can Read section?

0 Helpfuls

Go to solution
Filipe Cruz
Kilo Sage
Kilo Sage
In response to Val K

‎11-18-2022 08:08 AM

Hi Val K,
I was mentioning to use the "Can Read" related list in the knowledge base.

Best Regards,

Filipe Cruz

0 Helpfuls

Go to solution
Val K
Tera Contributor

‎11-18-2022 12:05 PM

interested in more info, you see our client wants one KB for IT, but some teams have sensitive info in some documents. We suggested to have the Can Read / Can Contribute on the KB for the whole audience and then to update Can Read / Can Contribute on the individual articles that need to be for those teams....  is there some other magic you did on KB Can Read to specify which articles in the KB some people can see (without scripting)?

 

0 Helpfuls