ImportOmatic should...

← ImportOmatic

Enhance IOM Configuration and Profile Security

IOM security is very inadequate. Unless we restrict users of IOM Ciguration to supervisors, there is no security on profiles and no effective security on running imports. If a user is logged on to a workstation with IOM installed they can run any profile. Running a profile is very different from updating individual records. Running a profile is more like running Import or Global Change in RE and should have at least that level of security. We should be able to restrict users to a specific list of profiles they are allowed to run. As it is they see the entire list of profiles and could easily pick the wrong one from the list. IOM Security should only show users the specific profiles their user group has been given access to.

91 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Marian Ritland shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

4 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Nicol Hudson commented  ·   ·  Flag as inappropriate

    I totally agree. We have a couple people here that will be creating profiles but they don't have nor will have Supervisor rights in RE. So at this time it is leaving IOM wide open since we can't restrict it to individuals with Supervisor rights.

  • Anonymous commented  ·   ·  Flag as inappropriate

    I'd like to see you are able to allow some users to access IOM configuration of certain profiles, so they can control/edit/update the profiles themselves when a need arises.

  • Nicole Kennedy commented  ·   ·  Flag as inappropriate

    I agree. This type of security should also carry over to List Management. If a user doesn't have rights to edit a constituent, then they shouldn't be able to do this in List Management either.

  • Rick commented  ·   ·  Flag as inappropriate

    If there were only one user, security would not be an issue. But in my case, where I am the DBA making changes to the configuration and doing the import (at the server level), while there are many users who are "supposed" to be only generating reports - then security is a big deal. I'd like to see ImportOmatic, under Plug-Ins, either be grayed out, or not even be visible, to those who have no business being in it.

ImportOmatic

Categories

Feedback and Knowledge Base

(thinking…)