Background
Our organization is structured into multiple departments, each responsible for its own set of customers. To ensure proper data segregation, users should only have access to customers within their assigned department.
Current Issue
While this separation is expected across the platform, it is currently not enforced within Solution Baselines. In this section, users are still able to see all customers, including those belonging to other departments.
Requested Improvement
We request that Solution Baselines respects the same access control rules as the rest of the product:
- Users should only see customers they have explicit access to
- Customers outside of the user’s department should not be visible
- Filtering and search results should automatically be scoped to authorized customers only
Expected Behavior
- Customer visibility in Solution Baselines is restricted based on user permissions or department assignment
- The interface should behave consistently with other parts of the product regarding access control
- Users should not be aware of the existence of customers outside their scope
Business Impact
- Prevents unintended exposure of customer data across departments
- Ensures consistency in access control across the platform
- Aligns the product with organizational data governance policies
Comments (0 comments)