Project Advanced Security's Limitations

phil_bool_unifi
Kilo Sage

Hi everyone. 
I'm working with a couple of customers who are adopting or considering the Project Advanced Security plugin as a step towards being able to secure a small number of sensitive projects in their instance.

 

Both have asked the same question in different ways:  Precisely what doesn't it do?

 

I'm still promoting this product as the best leap towards the ability to manage an additional layer of confidentiality, but I've been building a list of enhancements customers have benefited from. 

 

I'd love to get feedback on which items here are in the roadmap for resolution, or actually covered in a way I may have missed.  I'd also love to hear from anyone who's spotted a limitation I haven't captured below.

So far I've got:

  1. The name of the secure project will be displayed in some environments such as:
    1. on the Portfolio record (pm_portfolio) if the project is added to a Portfolio
    2. on the program record (pm_program) if the project is added to a Program
  2. A "Number of rows removed from this list by Security constraints" message can appear when viewing RIDAC records (for example from risk.list in the native view)
  3. There's no mechanism that stops a PM from locking themselves out of a project, or warns them if they're about to
  4. There is no warning/confirmation when a PM is de-selecting the Confidential box
  5. The 'Groups' box allows you to select any group, not just ones that give the Project Manager role, or ones where at least one member has the PM role.

Tanushree Maiti
Mega Patron

Hi @phil_bool_unifi 

 

If the plugin is not installed:

  • You may lose the ability to strictly control who sees specific projects, leaving sensitive project information accessible to anyone with general project access.
  • No "Confidential" Project Flag: You cannot mark specific projects as confidential in the Project Workspace. Refer: Confidential Project Flag
  • Security Risks: Without this plugin, you cannot restrict access to sensitive projects, sub-projects, or related entities to authorized users only.
  • Visibility Issues: Sensitive project information (financials, project tasks) may be visible to individuals who should not have access, leading to a lack of data privacy.
  • Missing Features: You will lack the ability to configure security directly on a project in the Project Workspace, meaning you must rely on complex, manual, or broader table-level ACLs. Refer: Configuring security for a project in Project Workspace
Please mark this response as Helpful & Accept it as solution if it assisted you with your question.
Regards
Tanushree Maiti
ServiceNow Technical Architect