Skip to content
Thoughtfarmer intranet blog
Processes and Productivity

Security permissions: What they are and why you need them

If you are seeking a new intranet solution you may have heard the term security permissions.  Here’s some information on what you need to know about security permissions—even if you don’t have a technical background.  What are security permissions?:  Security permissions define what content a user can view, edit, or...

6 minute read
ThoughtFarmer Post Leaf Thumbnail

If you are seeking a new intranet solution you may have heard the term security permissions.  Here’s some information on what you need to know about security permissions—even if you don’t have a technical background. 

What are security permissions?: 

Security permissions define what content a user can view, edit, or share. When security marks are assigned to content, users can only access content to the level of their required security permissions. 

For example, an accounting manager may require access to secure financial information, but does your marketing team require this same access? Probably not. Sensitive data should only be accessible to the right people within your organization. 

If you like this blog, 

you’ll love our newsletter

From workbooks and whitepapers, to blog content and best practices, our monthly newsletter is full of great content, advice, and expert insight.

Why are security permissions important? 

In an intranet environment, where the software is accessed within a private network by employees or members of an organization, there may be sensitive data that needs to be protected. For example, a company may have financial data, employee records, or confidential documents that should only be accessed by authorized personnel.

Security permissions help to ensure that only those who have been granted the appropriate level of access can view or modify this data. Without proper permissions in place, unauthorized individuals could potentially gain access to sensitive information, resulting in data breaches, theft, or other security risks.

In addition, security permissions can help to prevent accidental changes or deletions of important data. By setting permissions that limit the actions that users can perform within the software, the risk of unintentional data loss or corruption can be reduced.

Overall, security permissions are an essential component of intranet software because they help to protect sensitive data, prevent security breaches, and ensure that the software is used in a responsible and secure manner.

How will I know if an intranet vendor has security permissions? 

Look for solutions that allow you to manage permissions at the section, page, and file levels. Pages that users don’t have access to should be completely hidden while browsing and searching. These rules ensure only explicitly assigned users have access to specific pages/data, and any actions within the intranet are automatically checked against existing access controls. If the user does not have access privileges, the data is unavailable until the user is granted such privileges. 

You might also want to inquire about custom permissions. This ensures that different pages and sections of your intranet are accessible by employees who require access to those specific pages to do their job. 

How will I know if the permissions are working? 

We recommend running a sitemap report periodically to confirm and verify current access levels and permissions. We also recommend enabling Single Sign-On (SSO) so system access can be easily disabled if fraud is suspected.

What permission levels does ThoughtFarmer offer?: 

ThoughtFarmer allows administrators to assign five different levels of permissions. 

  • Guest
  • View-only
  • Editor
  • Owner
  • Admin

Can users have different permissions for different pages? 

Yes, the security roles are context sensitive. This means you can have no permissions on one page (you won’t see it or even know it exists), the view-only role on another page, the editor role on another, and the owner role on another.

Will users know that they don’t have access to a page?

Not really. People with no permissions on a page will not even see the page listed in the navigation or search, and they will not see any recent activity from the page. If they have view-only access, then they will likely be aware they cannot edit the page. 

Can I change permissions once they are allocated? 

Yes. Once a person or group has been given permissions, it is easy to change the permissions they have.

Can I easily see who has access to what? 

Yes, you can sort the list of users in the Security pop-up window by User Type (person or group), Permissions (View only or View & edit), or by Alphabetical order.