Administer > Application Setup > Controlling user access and security > Folder entitlement

Folder entitlement

Folder entitlement isolates company information in folders, ensuring that the right users have the right access to sensitive company data. For example, a company that manages more than one organization could create separate security folders for each organization. Users in organization A could be granted access to Folder A and users in organization B could be granted access to Folder B. The information in an organization is tied to a security folder when users open records, such as incident records. Therefore, users in organization A could not access incidents, changes, or requests made by organization B, and vice versa. When folder entitlement is enabled, a new field appears when users open records. This field allows users to select the security folder, allowing them to tie the information in the record to that security folder. Users outside the organization who have not been granted permission to access the data in the folder cannot see the record. When users outside the organization search incidents, changes, or requests, the records are not found.

In HPE Service Manager, a System Administrator enables or disables folder entitlement. For more information on enabling and disabling folder entitlement, see the related topics.

The available out-of-box company security folders on the Folder Entitlement tab are DEFAULT and advantage. However, the System Administrator can add folders to meet your business needs.

For each security folder added, a System Administrator must grant permissions to a specific application security profile, thereby granting permissions to all operators associated with that profile. Permission settings are selected for operators based on roles that reflect their responsibilities. When defining roles, each role displays a top level view for all folders. You can then click on each folder and set rights on individual fields for a folder, or modify workgroups. If a user does not have specific rights defined for a folder, the default rights from the user profile are assigned.

The System Administrator can set the default folder for an individual operator. This setting allows the records opened by the operator to be automatically associated with the default security folder selected.

Note Using the legacy listener with the security folder is NOT supported.