Overview
When an Account is created, it is assigned to a general permission profile. This profile will automatically include all documents marked as Public or Restricted. If there are further documents to which you want to grant a specific Account access that are not granted to others, you will create a custom permission profile.
Similarly, permission profiles allow organizations to grant specific accounts access to a subset of documents instead of all content contained within a Trust Center.
Permission Profiles are only available on paid plans, and the number of permission profiles available to use is determined by the plan tier. Please reach out if interested in gaining access to Permission Profiles or adding more to your contract.
Common Use Cases
It is important to determine if Permission Profiles are the right choice for an organization. If documentation is currently shared cohesively across all customers, then Permission Profiles could complicate access rather than streamline it.
Permission Profiles are most useful in the following scenarios:
Regional
Documents/policies relate to specific geographic regions based on where a company/account is based.
Products
When products have different documentation and a company/account needs access to the documentation associated to the product(s) they purchased.
Stage of Deal
Prospects versus Existing Customers.
Size of Account
An Enterprise company may need different documentation versus an SMB.
General Access
The default profile already created is called General Access. This profile has access to all documents (besides Restricted Hidden items) and is continuously updated to cover all documentation in your security portal. This profile cannot be edited.
Creating a Permission Profile
To add a new permission profile, follow these steps:
Navigate to the Trust Center > Settings > Permission Profiles
Click Create New Profile
Fill in the Profile Name and Description
Select the appropriate documents
Click Save
Set the Default Permission Profile for New Accounts
Select the most commonly used permission profile as the default permission profile.
Navigate to the Trust Center > Settings > Permission Profiles
Under Default Permission Profile, select the profile for new Accounts to be assigned to by default
The default Permission Profile can be overridden during Account creation.
Assigning a Permission Profile to an Account
Adding a New Account to a Permission Profile
When approving an access request to the Trust Center, select the desired Permission Profile for the Account.
β
The default permission profile will automatically appear as the selected option, but there is an option to change which permission profile an account is assigned by using the dropdown.
If an account needs access to more than one permission profile, simply select each one they will need in the dropdown menu.
β
Editing an Account's Permission Profile
If an account has been approved but they were assigned the wrong permission profile or needs additional access to more permission profiles:
Navigate to the Accounts section or the Trust Center
Click on the Account
Click Edit in the top right corner.
β
Under the Permission Profile header, select the new profile
Click Save.
β
Determining Which Permission Profile Applies to an Account
Option 1: Navigate to a particular account's profile in the Accounts tab
Note: When clicking on the permission profile's name, view which items are included and which other Accounts have this Profile.
Option 2: Navigate to the Settings tab, then to the Permission Profile section. Select a specific profile, then scroll to the bottom to see all Accounts that are in that profile
How Permission Profiles Affect Trust Center Visibility
There are actually three different settings within SafeBase that all play a role in what a visitor is able to see and that you want to adjust to achieve the desired end result. They are:
Trust Center item's Access setting
Trust Center Settings' Public Mode Access Level buttons
Note these settings apply to both Preview Mode and Public Mode
Permission Profiles
It is important to remember that permission profiles apply to documents, and not items. Even if you set the item's Access toggle to "Hide unless access granted," if there is no document linked to that item, you will not be able to select that item for inclusion within a permission profile. Hence, in this scenario, it would be possible to prevent any visitor with any access level from seeing that item. The remediation is to either link a document to that item and include it in a permission profile, or turn the "Hide unless access granted" toggle off.
Further, consider the following setup:
Set a given Trust Center item to Restricted
Do not link a document to that item
Leave the "Hide unless access granted" toggle off
Set the Public Mode setting to "Public items and details"
This item and its details will be visible to all visitors regardless of access level.
Subprocessors Use Case
A common item where this question comes up is the Subprocessors item within the Legal card. There, the Subprocessors list is part of the item and is not treated like a document. While possible, it is not common to link a document to the Subprocessors item. Therefore, the above settings would also allow the full Subprocessors table to be seen by all visitors. The correct way to restrict the Subprocessors list to only those who have been granted access is as follows:
Set the Subprocessors item to Restricted
Do not link a document to that item
Leave the "Hide unless access granted" toggle off
Set the Public Mode setting to "Public items"
Note: the standalone Subprocessors card will not be visible to public visitors in this scenario, but would be for visitors to whom Trust Center access has been granted. It is necessary to keep the table shown as well. If you mark the Subprocessors card as hidden, none of the above settings will apply, and the card will not be visible to any visitors.