It would be useful to have an Access Level that is strictly for the person/team handling the billing on the Hubspot account. Currently it's under the SuperAdmin access, but that allows anyone with SuperAdmin to make changes that affect the charges on a person's credit card without going thru the cardholder.
It would make it more secure and less suprising when charges pop up if there's a specific access for the person(s) handling the bills.
This is currently possible if the user is not a super admin:
It sounds like you might have more Super Admins than you need, there are more nuanced controls available that can remove the need for having a large number of people with super admin access.
We only have 3 at the moment, and can't go down from there. I would normally agree but with the size of our company we have need of this, so a separate option for Billing Control would be useful so that the other admins can't make charges to the single card on file that doesn't have their name on it.
@HHSola thanks for the additional information about your use case - there are really only 3 permissions Super Admins have that a regular user can't be assigned:
Add/remove other super admins
Access the account API key
Create/Manage scheduling pages for other users
Every other permission has nuanced control and can be assigned based on their roles. While it is best to have at least 2 super admins, and I know you mentioned only having 3, if you can't reduce the risk of someone upating your billing, it might help to provide training and resources about being a Super Admin and what they can and can't modify.
I can certainly understand why this would be valuable to add for your use case, but it adds a restriction to a Super Admin that goes against the definition of what it is to be one and could cause issues for the majority of other organizations.
As a suggestion, rather than modifying the user permissions, as a security measure it would be great if the CVV code were required to process a change to the subscription as a secondary verification. This information is typically limited to the cardholder and would be available to another Super Admin in the event that person left the company and turned in their card, etc.
Understood. Requiring the CVV be required would be great! It does look like there's an option to allow/not allow other admins to use the payment method provided (it is currently unchecked), so for now that will have to do. I appreciate your candid-ness on this, and if it ever becomes an option in the future that would be stellar 😉
@HHSola sorry for any confusion, I'm not part of the HubSpot product team - I just thought it would be helpful to know the setting is currently available (for non-super admins) and try to offer some insight into how the super admin role is defined and used by the majority of HubSpot customer's so you could find a working solution for your organization, I'm glad you were able to find the setting to not allow others to use the payment method.
I think the CVV code idea could add a level of security and hopefully the product team will consider a feature like it sometime soon! 🙂
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
