This feature allows the implementation of group-based access control functionality for customers, ensuring that only authorized technicians or teams can manage and access customer data based on their assigned Customer Groups.
What Are Customer Groups?
-
Customer Groups allow you to limit technician access to specific customers. You can create unique groups of customers and apply those groups to one or more technicians (by specifying already created Technician Group). By doing so, you give technicians explicit access only to the customers within their assigned group. Any customers not included in the list remain hidden from the selected users.
The next time you add a new technician to CyberQP, all you need to do is define what technician group they belong to to allow them to be granted access to customer through inheritance.
-
Why Use Customer Groups?
-
Having well-defined Customer Groups is essential for managing access permissions effectively. Here’s why:
-
Organized Access: It ensures that technicians can interact with the right set of customers based on their roles.
-
Efficient Decision-Making: When faced with audits or questions for customer access, having a documented strategy helps you make better decisions.
-
Long-Term Alignment: A clean and effective strategy supports your organization’s overall direction and strategy.
-
-
-
Components of a Customer Access Strategy:
-
When creating your strategy, consider the following components:
-
Customer Segmentation: Understand your customer profiles and segment them effectively for your technicians. You may already group customer based on regions (NA/UK/ASIA etc) or by service level agreements (Bronze/Silver/Gold etc).
-
-
I already have customers assigned directly to my Technicians
If you have already directly assigned customers to a technician, we will honor those assignments in addition to any customers linked to the technician through customer groups. (via technician groups)
The technician's customer access is the sum of both the directly assigned customers and those inside assigned customer groups.
If you need to revoke access to a directly assigned customer immediately, please use the "Remove directly assigned customer access" option available on Engineer and Helpdesk roles. This feature will remove the directly assigned customers.
What will happen when I add a new Technician?
When you add a new Technician, we will not allow for the direct assignments of customers, you will need to assign the technician to a Technician Group, then have that group liked to a Customer Group.
This is to ensure that other features on CyberQP using Technician groups can provide both access to the feature and the customer. (EG Just-in-Time Accounts, Global Password Folders, access restrictions on specific password entries).
Prerequisites
- You need to have super or primary role permissions
- Have email access to a second Technician user on the “Technician Users“ list. (So you may verify your configuration)
- Make the second Technician user a member of a “Technician Group”
Steps
Administrator Actions - Creating a Customer Access Group
-
Access your Tenant Settings > Click on “Login Management“ > “Customer Groups“
-
Click “+ New Group“
-
Specify a Name (EG: “NA Westcoast Customers”)
-
In the “Customers” section, click on the “Add / Edit Customers“ button to add customers.
-
In the “Customer Group Access” section, click on the “Add / Edit Groups“ button to add Technician Groups (Your technicians).
- If you wish, you can select the option for "Automatically add new customers created". This feature will:
-
Automatically include new customers created individually from the customer list page.
-
Automatically include new customers created in bulk through integrations. (Connectwise Manage, Autotask, IT Glue, Hudu)
-
-
-
Review the customers and groups you have added. The customers specified on this page will be granted in an automated manner to the technicians in the groups.
Click the “Save“ button at the top of your page if the assignments are correct. -
Your new Customer Group will be added to the Customer Groups table. You’ll be able to see the Name, assigned Customers, and the technician access (via Technician Groups)
-
Now you will be ready to test the customer access.
Non-Administrator Actions - Verifying Customer Access
-
Using the second Technician user, open an incognito window / private browsing session
-
Log into CyberQP (https://admin.getquickpass.com/ or https://eu-admin.getquickpass.com/)
-
Observe how the customers listed match the assigned Customer Group. They will not have the same access as Super or Primary customers.
Comments
0 comments
Article is closed for comments.