An overwhelming majority of organizations today have to deal with large volumes of information to ensure seamless collaboration and communication. That being said, access to information is a two-edged sword and it needs to be controlled and regulated for a multitude of reasons. Not everyone should have access to all the information as it can lead to further problems within the organization.
That’s exactly why a large number of organizations rely on user permissions and rights to manage information access and flow. However, it can become increasingly difficult to manage these permissions as organizations scale their operations leading to the production and processing of a huge amount of data and information. This creates a dilemma for many companies as they cannot allow everyone to have access to every bit of information while restricting access can also result in subpar communication and collaboration.
KanBo solves that very problem that many organizations face by categorizing and organizing information through different boards with each board having three authorization levels. Every authorization level or permission defines a certain user’s involvement and their right to access information and make changes to the board.
Control access to information with KanBo
Why It Is Important to Have User Permissions?
While many employees would argue that they need access to all the information to perform their jobs well, that’s not necessarily true. Organizations create, store, process, and manage an extensive amount of information across a number of teams and departments. It means that a lot of information isn’t relevant for most of the employees. Some of the major reasons why it is crucial to have user permissions in place include the following.
Unrestricted Information Access Can Result in Accidental Data Breaches
It is no secret that cybersecurity has become one of the most significant concerns for organizations in the last couple of years. With ever-increasing data and security breaches, companies are now taking steps and initiatives to ensure their data remains safe and secure. One of the most effective ways to achieve this is through limiting points of potential exposure by restricting access where it isn’t required.
This doesn’t necessarily mean that your employees aren’t trustworthy but their access or permission can be exploited by other malicious cybercriminals to gain unauthorized access to your company information.
Intentional Misuse and Abuse of User Access
Although most of the employees in an organization have no malicious intentions towards the company, you cannot rule out the possibility of a few rogue employees who might misuse or abuse their privilege. There are many reports and researches that demonstrate again and again that human error and permission abuse are two of the most dominant factors that often lead to data and security breaches.
That’s why it is imperative for organizations to define and implement user permissions to eliminate the possibility of privilege abuse.
Maintaining Organizational Confidentiality and Compliance
There are many organizations that develop and implement a policy that dictates who gets access to what information. This is often done for security and confidentiality reasons which is why it is important for them to have restrictions in place through user permissions and rights. Without having an adequate policy in place, everyone will be able to access all the information which can lead to a wide range of issues for the organization.
Who Can See What in KanBo?
KanBo is one of the most agile and comprehensive digital management tools that empower organizations to deal with a wide scope of projects and tasks while managing all the related information through dedicated boards. Before we discuss authorization levels, let’s first talk about different aspects of access to information in KanBo.
1. What You See is What You Get (WYSIWYG)
One of the fundamental principles that KanBo is built on is transparency. It means that if you have access to something, you will be able to see it but if you don’t have the permission, you won’t. If you are facing issues, it means that you need to discuss permissions with your team members and identify whether they actually need access to a certain board to perform their job.
2. No Access Means You Cannot Find It in Search
This is basically the extension of the first principle. If you don’t have access to a certain piece of information, you won’t be able to search for it as well. For example, if you are a member of a card that is also linked to a board that you don’t have permission for, you cannot see the information present on that board.
3. Board or Board Collection Creator Has the Highest Level of Authorization
It doesn’t matter if you are a team leader, manager, or just another employee, if you create a board collection or a board in KanBo, you will have the highest authorization and access level i.e. Owner. You can change the settings of the board and invite other members.
4. Only Owners Can Send Member Invitations & Manage Users
Since KanBo relies on delivering a user-friendly and intuitive interface and experience, it limits certain functionalities and features to owners of the board or board collection. For instance, only Owners have the right to invite others and manage their permissions within boards and board collections.
5. Access to a Board Means Access to All the Information the Board Contains
This may come as a bit of a surprise but when you provide access to any team member to a certain board, they can see all the information contained in that board even if they have the lowest authorization level (Visitor). This isn’t because of any technical inability of the KanBo development team but by design. The philosophy behind the decision is that anyone who deserves access to a certain board should be able to view the complete picture to ensure transparency.
It means that if you don’t want to provide access to certain information, you should structure boards in such a way that you won’t have to give permissions. If there is no such way, it means that access to the information is vital for getting the job done.
Understanding KanBo Board Permissions
For effective management of information and ensuring productive communication and collaboration, the KanBo board offers three different types of permissions including Owners, Members, and Visitors. Each permission provides a certain level of authorization and access and the board creator can decide the type of permission that should be given to each individual involved.
These are the users who usually create boards and board collections. However, the creator can also make other members owners of a certain board according to their discretion. It is highly recommended that there should be at least two owners of each board so if one is unavailable because of any reason, the other can respond to queries, make necessary changes, and monitor progress and updates.
It goes without saying that the Owner is the highest level of access and authorization in KanBo and comes with the following privileges:
- They can see all activities in the steam and change board settings
- They can visit any section of a board including views
- They are the only ones who can invite new members/visitors to the board
- They have the right to manage document sources and documents
- They can manage board users along with labels
- They can see the archive, perform any action on cards, and export the board to file
- They have the option to follow any list, card, or the entire board
- They have access to all the documents and can change any of them
- Most importantly, they can close, delete, and reopen the board
This is the intermediate level of access and authorization and most of the employees will be given this permission. Members can do everything with cards including creating new cards, changing, deleting, and archiving them. They can also assign users, create documents, write messages, follow cards, and set due dates. Apart from that, Members also have the following privileges:
- They can see all the stream activities and views of the board
- They have the right to add, change, and delete documents from a card
- They also have the option to add document sources and see the archive
- They can perform any action on cards and export board to a file
- They can follow a list, card, or the entire board
- They also have access to all the documents and can edit them when they want
Members are often the ones who are directly involved in the task or project while Owners are usually managers or team leaders who need to keep an eye on overall progress. In certain situations, an Owner can elevate or reduce the permission level.
While this is the least privileged level of access in KanBo, it still gives users the ability to see all the information present within the board. Visitors have the right to read everything, follow cards, write messages, and have conditional access to documents. Some of the other privileges include:
- They can see all the stream activities along with views of the board
- They have the ability to see sections of Archive, Labels, and Users
- They also have the option to export the board to a file
- When interacting with cards, they can write, edit, or delete their own comments
- They can follow the entire board as well as an individual list or card
- They have access to all documents
How to Change Board Permissions in KanBo
Just like accomplishing any other action in KanBo, changing user permissions is also quite straightforward. All you have to do is go to the Users section from the menu or you can simply click on the Users icon right next to the members profile thumbnails. Once the Users settings window pops up, you can either add new users to the board assigning their permission level or change the authorization level of existing users by dragging and dropping.
Many organizations have to enforce their security policies and ensure the confidentiality of their valuable information. This can be achieved through adequate structuring of information and granting the right user permissions. KanBo provides both flexibility and versatility to team leaders and managers who want to adhere to their organization’s security policies. With three different levels of permissions, organizations can control and manage the flow and security of their company information.
Do you have questions?
Maybe we have an answer!
If you have any questions regarding the topics we discussed in this blog, go ahead and send them to us.