I am glad to announce that ability to limit team's access to the Files tool folders has been released. If you have questions, please let me know. Keep on reading for the official announcement:
What is it?
Working with a large team in HubSpot just got easier. Admins can now manage which teams should have access to which folders and sub-folders on their portal.
Why does it matter?
For admins, this update will enable you to restrict which folders other users in your account can see and edit, giving you more control over which teams have access to certain information. This will be especially helpful for companies that have several branches, where only certain branches should have access to particular folders.
How does it work?
All folders have their access set to "visible to all" by default and account admins can use this feature only to further restrict access.
To manage access to folders in the Files tools, as an admin:
Navigate to the Files tool(Marketing > Files & Templates > Files).
In folder settings, click "manage access."
Add the teams that should be able to view the folder and its sub-folders.
If further restrictions are needed at the subfolder level, go to the subfolder settings and "manage access"
Note: Only teams with access to the root folder can be partitioned to see the sub-folder.
Initially partitioning will be at the folder and sub-folder levels, and only for teams. This means that individual files/individual users are not options yet to be partitioned. This will affect all Files currently visible in your Files tool - any files that do not live there are not under this feature! Once the beta is done and we are in GA I will update here with more info. Feel free to DM me as well!
Yes I agree, this is a huge concern for us. A basic user has access to delete our website files, this would cause so much damage. They might simply be trying to eliminate files thinking they don't need them.
Also, when they add files from a record, it adds to the main file database, which will clutter the files and give all users access to sensitive files. We need to restrict total access to the file manager, but allow attachments to records that will not be hosted in the file manager. Also, creating folders for attachments in each record would be extremely beneficial. Thank you
Yes! I completely agree. I want to send personalized emails from different users with a PNG or JPEG of their signatures, but its very tricky because I don't want eveyrone utilizing our platform to have access to those signatures. Itt would be great to be able to seaparte them out by team.
Yes I agree. This is a security incident that HubSpot has, because the entry "Files" is available for all users and we've confidental information and sensite data there.
I've found that all users in HubSpot have access to "Files", and we've there confidential information and sensitive data. This is a security incident and ubSpot doesn't have the permissions to restrict the access.
This is a situation that is urgent to solve! User Access Management is a principle that HubSpot should follow. Where is the privacy by design?
EXTREME RISK AND SECURITY ISSUE, especially after the launch of the Hubspot CMS
I would like to reinforce the request for this resource, as it is extremely important.
A free user can delete all files and images from the Company's website.
Not to mention that it can also replace the image with another one with inappropriate content.
The laughter was already very high, after they launched the Hubspot CMS that enterprise companies use, made it even more complicated, since the company's entire website uses FILES to store institutional images.
Mixing users' files with files vital to the company is serious.
Any updates on this yet? I feel as though I can speak for everyone when I say thank you for listening to our concerns! Or at the very least, everyone on this string and everyone who didn't realize the file permissions issue exists in the first place — which I guarantee would be a huge number if you polled users.
@watanak, I am surprized that HubSpot needed someone to come up with an idea for this. This really is not a feature request. This is about averting a potential risk.
We need this feature asap so that our trainees and our sales partners which are not employed by us can work in Hubspot too. Do you already know when you have got it fixed?
This is massively important. There's no way we want every single contributor / user seeing all files. The lack of ability to set permissions around this is super dangerous/unhelpful.
Sie müssen ein registrierter Benutzer sein, um hier einen Kommentar hinzuzufügen. Wenn Sie sich bereits registriert haben, melden Sie sich bitte an. Wenn Sie sich noch nicht registriert haben, führen Sie bitte eine Registrierung durch und melden Sie sich an.