1 of 1 people found this helpful
The data partitioning in ServiceDesk is for restriticing customer groups from seeing incidents for any other customers as an extra level of data security over the general query design you might have to limit contacts seeing other customer's incidents via the portal.
We have had some implementations have different departments of sections of the business using the same system but the restirctions are only down to how the process, window and shortcut design is published to different groups/roles.
Just to make sure I'm clear on your answer, I want to throw my scenario out there for your opinion. I'm going to be "sharing" the Call Management module between our HR and Lab departments for call tracking. We have created 2 roles for each department under Analyst and we have also created 1 group for each department under Support Group. I believe I should create seperate object attributes, windows, queries, processes, templates, etc for each department. Should I also turn on Data Partioning for the Call Management module?
If we do turn on Data Partioning, do I need to change permissions/settings anywhere to make sure that HR users can't see tickets created by the Lab and vice versa? Is there any documentation on the best way to partition data within a module?
Thank you for all of your assistance,
Is it possible to apply partitioning to support groups. So that incidents created by a particular group (HR Team for example) are visible to no other groups?
If this is not possible how can I ensure that incidents raised by a group are seen only by them and don't show up in queries and knowledge searches done by analysts in other groups?
Data partitioning is being implemented in stages and, at present is not set up for Analysts/Support groups. However, if you are using version 7.2.5 or later you do have the option of making attributes 'privilegeable' which is, from a security point of view even more secure. You can make attributes privilegeable in Object Designer. This will mean that if you don't have the privileges to see a particular attribute but you open a window that should display that attribute you will instead see an empty space.
If this does sound like a suitable work-around for you I would recommend applying the changes to your test system first. I have seen some people run into problems with assignment/reminder notifications as their Outbound Mail is not authorised to 'see' the privileged data so can't send the mail. There's probably some other small 'gotchas' too so it's worth doing a thorough test, particularly as you will be relying on the functionality to hide certain data.