Author Topic: Security Features  (Read 1401 times)
smiley
« on: July 20, 2006, 12:14:14 AM »

I consider Collanos to be the almost perfect tool for collaboration of geographically distributed teams and I certainly plan to use it for exactly this purpose. However, I think it lacks some security / access control features which are essential for most projects.

What I'd like to see:

Access Management functions
- who may invite new members?
- what access rights do new members get by default?
- who may change these access rights?

Item Management
- who's the owner of an item?
- who can read / add / modify / delete an item?

Folder security:
- Ability to allow only specific people access to certain folders


You might want to have a look at how Lotus handles these issues with their Domino product. Although Domino can't be really compared to Collanos, they had some great ideas concerning security which might be worth checking out. One or the other idea might be actually easy to implement...

Kind regards and keep up the good work
Jan
Gil Heiman
« Reply #1 on: July 20, 2006, 01:14:04 AM »

Hi Jan and glad you're enjoying Collanos.

As you may have noticed, currently there are three permission types: Manager, Participant and Guest. Each type has leveled access to certain functions and content.
Guests, for example, cannot invite anyone new to a workspace. Managers are the only ones that can change permissions.

Currently, all invited members are assigned Manager rights. Very soon, we will release a feature that will allow you to overwrite this default setting (through your Preferences) and select a different default permission for anyone you invite to your workspace.

Permissions are assigned at the workspace level. In the future we plan on allowing Managers to assign permissions down to the folder and object levels.

At the object level we are also considering adding a field "Owner" along with a workflow and the role of each team member in regards to that object.
Will this be useful for your purposes?

If you know of specific features in Lotus Notes that you would like to see in Collanos, please elaborate on them and we will look into them.

Note: To learn more about Permissions we encourage you to visit the Help section and look up "Permissions".

Cheers,

Gil
Team-Collanos
smiley
« Reply #2 on: July 28, 2006, 06:24:31 PM »

Hi Gil

I've been looking very carefully through the documentation and I found the current access control concept rather - well, meager.

Here's what I'd like to see:

* Roles or Groups: Ability to assign people a specific role or group. A "role" or "group" would be basically a name with some access rights (see below) attached. By default, there would be the groups you've been already using, i.e., Manager, Member, Guest with the access rights similar to what you're using now (would have to be thought about, though).

* Ability to attach access rights to a group or role AND an individual.

* Ability to define the default role for new members

* Default role should have the LEAST privileges, not the highest, in order to avoid an accidental leak. This is the reason why I'm a bit reluctant to use Collanos right now; that new members are assigned manager rights is a major security risk.

* Privileges (access rights) I currently would see:

-Manage: user has full control over an item, including right to modify privileges on this item and its subitems
-List: user sees the items in its parent category (object is listed in a folder, etc)
-Create: Create a new item and assign any privileges to it
-Modify: Modify an item
-Delete: Remove an item

* Privileges can be assigned to any item, an item being a workspace, a folder, an object.

* Privileges by default are inherited by the parent level, unless an item has been assigned other privileges (in which case it should be marked as such to the manager, or owner, of the parent items).

* You could assign other attributes to roles or groups, like, for example, the right to invite other members, or limit the disk space assigned to this role, etc.

I *think* you could cover most circumstances with this concept.


Now for the why: There are three reasons I'm a bit reluctant to use or recommend Collanos as it is:

- Default role is Manager: This means everyone can modify the information, even if it's for information only.

- Access of new users can't be controlled: This means that I do not know who is going to see the information and I can't control it. Combine this with the above point and you see that Collanos currently can't be used to store any information which is just the least bit restricted.

- No control over how and where the information is stored.

The above two points could be solved with some access control concept. I might sound a bit paranoid, but I've been working with, and implementing, access control schemes for a long time, and I also happen to know that *controlled* access to information is one key success factor for many businesses or projects.

The last point is, I think, already on your schedule...

Hope this helps

Jan

ps: Domino has much more elaborated access control mechanisms - some of them being overkill. Still, it's interesting how they have solved this problem. After all, Collanos does share some of the concepts with Domino, that's why I suggested looking at it.
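
Added example, not part of the original posts and not Collanos code: a sketch of the access model proposed in Reply #2, with privileges attached to roles and to individuals, inheritance from the parent item unless an item carries its own assignment, and a least-privileged default role for new members. The role names come from the thread; the privileges given to each role, all class and function names, and the sample items are assumptions.

```python
from dataclasses import dataclass
from enum import Flag, auto
from typing import Optional

class Priv(Flag):
    NONE = 0
    LIST = auto()
    CREATE = auto()
    MODIFY = auto()
    DELETE = auto()
    MANAGE = auto()  # full control, incl. changing privileges on the item

FULL = Priv.LIST | Priv.CREATE | Priv.MODIFY | Priv.DELETE | Priv.MANAGE
PARTICIPANT = Priv.LIST | Priv.CREATE | Priv.MODIFY  # assumed privilege set
DEFAULT_ROLE = "Guest"  # new members get the least-privileged role

@dataclass
class Item:
    """Workspace, folder or object; acl=None means inherit from the parent."""
    name: str
    parent: Optional["Item"] = None
    acl: Optional[dict] = None  # keys: ("role", name) or ("user", name)

    def governing(self) -> "Item":
        # Walk up to the nearest item that has its own assignment.
        node = self
        while node.acl is None and node.parent is not None:
            node = node.parent
        return node

    def overridden(self) -> bool:
        # Marker for the parent's manager: this item no longer inherits.
        return self.parent is not None and self.acl is not None

def invite(members: dict, user: str, role: str = DEFAULT_ROLE) -> None:
    members[user] = role

def allowed(members: dict, user: str, item: Item, priv: Priv) -> bool:
    if user not in members:
        return False  # never invited: default deny
    acl = item.governing().acl or {}
    granted = acl.get(("role", members[user]), Priv.NONE)
    granted |= acl.get(("user", user), Priv.NONE)  # role AND individual grants
    return priv in (FULL if Priv.MANAGE in granted else granted)

# Constructed sample data: workspace -> restricted folder -> document
ws = Item("workspace", acl={("role", "Manager"): FULL,
                            ("role", "Participant"): PARTICIPANT,
                            ("role", "Guest"): Priv.LIST})
restricted = Item("contracts", ws, acl={("role", "Manager"): FULL,
                                        ("user", "jan"): Priv.LIST | Priv.MODIFY})
doc = Item("offer.doc", restricted)  # inherits the folder's override
```

In this sketch an item's own assignment replaces the inherited one rather than adding to it, so the restricted folder hides its contents from Guests even though the workspace lets them list items.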
Gil Heiman
« Reply #3 on: July 28, 2006, 11:13:49 PM »

Hi Jan and thanks for putting in the effort to send us all the feedback.

This feedback will be incorporated in our future product requirements and eventually - the new features to be.

1. Regarding the default permissions, this requirement has already been documented and handed over to the delivery team. You will have the choice (via Preferences) to select a default 'group'/'role' for any invited member to your workspaces very soon. You can decide if the default would be the ‘lowest’ or any other option. For example, we, within Collanos, prefer to assign the highest, i.e. ‘Manager’ as it provides us with a full back up between team members.

2. Folder/Object level permissions are also a frequent issue we come across and will address in a future release.

3. Grouping of Privileges – I like this idea of breaking down the privileges to various tasks, such as: “Invite”, “Delete”, “Add”, etc. where later the user can group several of these to form a new Permission Level, on top of the current “Manager”, “Participant” and “Guest”.
We will discuss this internally and see if we can come up with this advanced feature.

Cheers and thanks again.

Gil
Team-Collanos
Catapault
« Reply #4 on: August 24, 2008, 09:57:59 PM »

Super stuff.

If I may add a couple of thoughts and apologies if these are already implemented:

1) I'd really like to see a delete lock on files so that accidental or deliberate mass deletions on one workspace aren't cascaded without a prompt or a lock.

2) When a participant is invited am I correct in understanding that their workspace is removed? Is there a way to limit the ability of the ex-participant to pull the files out of the workspace, for example have them encrypt or scramble if a non administrator / member level user tries to remove them from the workspace?

Appreciate any feedback.

thanks

Jim

« Last Edit: August 27, 2008, 03:57:13 PM by spacenexus »