Exclude account permissions from organization
complete
M
Mayer Kahan
Ability to exclude organization(s) from account-level permissions. This is important if we have our internal organization in the same Huntress account as our client organization and don't want all account admins having access by default.
The only option I see is to create a separate Huntress account for internal use under a different domain.
D
Dean Guo
complete
We just updated our platform with a new capability that allows partners to manage internal endpoints separately. See the help article for more information. https://support.huntress.io/hc/en-us/articles/18887485650195
Marking this as complete! Let us know if you have any additional questions or comments.
C
Chris Sotak
Alex Payne This is a similar feature request to the one you recently posted. (I have upvoted)
A
Alex Payne
Chris Sotak: Nice find!
M
Mayer Kahan
Hi, Any update on this?
A
Aaron Tuomala
This is a must for us. We allow our staff to manage clients, but not our internal organization.
L
Lynn'la Marks'la
Would definitely like to see this as well. Internal org would be ok to start, but ideally end state would be full granularity.
Dima Kumets [Product Manager - Huntress]
Is this coming from a privacy perspective or some other need?
Do you think we would need to do this just for the one internal org or is granularity required here?
C
Craig'la Bayer'la
Dima Kumets [Product Manager - Huntress]: Ideally, more granular. We pull in our site structure Connectwise Automate and we have three internal “companies” for permission granularity and ease of management.
Dima Kumets [Product Manager - Huntress]
Thanks Craig'la Bayer'la!
J
Jeff Weinman
Dima Kumets [Product Manager - Huntress]: For control over our own org's Huntress config. We have internal IT to manage our own system so we don't want our security engineers who manage Huntress for our clients to get in our own system.
Initially one internal org but I like the idea of it being more granular as we build out teams of engineers responsible for subsets of clients.
M
Mayer Kahan
Dima Kumets [Product Manager - Huntress]: Original request was for internal org only. Reason being, I don't want engineers with access to the platform (with account level) to have the ability to view and modify settings for internal org.
RBAC and user groups are def needed, not for the same reason. Many service providers have pod based support split up by client and giving every pod access to all orgs goes against security best practices (least privilege).
V
Vicente Mundarain
under review
We are currently researching how to best support granular RBAC
A
Andy Smith
Would love to see this feature as well!
B
Berk Mustafa
This is a must for all "MSP Friendly" systems. Please get this on the short term roadmap.