Introduced in 8.7
Imagine your HR department work with multiple organizations all over the world. For security or secrecy reasons, you may want to restrict access of your HR specialists to some other services of your company. You can achieve that by using data segments classifiers in your workflow. You assign special data segments to different Alloy Navigator objects, configure your business processes using these segments and grant access to particular data segments through specifying technician's security role. In our example, you can enable specialists of Human Resources to work only with those Tickets that were related with their team and filter out other objects and services.
To proceed with the example and manage processes with data segments, use the following algorithm:
Create a new data segment value. For, example, HR.
INFO: For details, see Adding Values to Data Segments.
Create a new Action Form ("New HR Ticket") for submitting HR Tickets. Then program auto-assignment of the HR value to the Data Segment fields of newly created Tickets.
INFO: For details, see Adding Interactive Create Actions.
Create a new technician's security role that gives the following permissions: permission to work with all Tickets assigned to the HR department and permission to work with the HR data segment.
INFO: For details, see Creating and Maintaining Security Roles.
Add technician accounts of your HR specialists to the specially created security role.
INFO: For details, see Adding Security Role Members.
NOTE: By default, all Alloy Navigator objects are marked as the IT data segment. Any security role member is granted with access to this segment. If you want to change the default settings, make up your own list of data segments and change the access scope of particular security roles as needed. For details, see Controlling the Access Scope.
The Users & Security > Accounts and Roles > Data Segments section displays the list of currently available data segments and allows you to set up the list as follows: