Totango Security and Access Control

Overview

This guide is designed to provide a comprehensive collection of all the features in Totango that allow organizations to control and restrict access to data and actions in Totango based on user role.

This document covers the following topics

• Limit accounts visible to SuccessTeams
• Define account and user attributes as Sensitive
• Mark account attributes as Read Only
• Restrict access to actions in Totango

Limit accounts visible to SuccessTeams

The Core and Extended Search scope settings of SuccessTeams allow Totango admins to control which accounts and account attributes are visible to members of a Success Team. For example, if teams are formed by region, you may want to restrict access to US accounts to only employees on the US team, restrict access to EMEA accounts to only members of the EMEA team, and so on.

The Extended Search settings of the Success Team will allow team members to have limited visibility to accounts outside of their team's core scope. 

Define account and user attributes as Sensitive

Totango allows admins to mark account attributes and collections as sensitive. Attributes and collections marked as sensitive will only be visible to Success Team members when the accounts are part of the Core Scope of their Success Team.

Accounts that are part of the Extended Search scope will still be presented, but attributes marked as sensitive will be hidden.

Mark account attributes as Read Only

Customers bring data into Totango from several systems to provide a comprehensive view of their Accounts. Totango is not the system of record for these attributes; therefore, they should not be editable in Totango. Global administrators can mark attributes as Read Only, thus preventing Totango users from making changes to these attributes.

Restrict access to actions in Totango

You may want to control what users are able to do in Totango based on their role. Totango allows global admins to create and assign custom roles, and define permissions for each role.