Breaking the law data protection
Now we are taking a high risk using Wrike. We are developing Business Development for different Clients. Every Client have a folder. It's very easy to make a mistake with the mouse. You can move a folder into an other one. It's very simple. In this moment we are violating the law on data protection. We can understand why can't customise the permission for every user (general ,external or collaborator) on every act?. If you can not move, erase, change, whatever, I can manage the risk. Otherwise Wrike is not the tool that will allow us to scale as a company (that means manage more Clients with more team involved).
When a task its moved into another automatically inherits the persons that are sharing it. Wrike has a full traceability and write the action on the comments field. It's very simple lose a Client making a easy mistake.
If every user from de company can move folders, can you imagine what can be done by an annoyed Business Developer?
Hi Joan, thanks for reaching out, security is really important so I want to make sure we talk about the different options we have. We don't have the ability to modify every action but we do have user restrictions available:
I know that's not the exact functionality you're looking for (and we'll pass along your feedback to our Product Managers), but would either of those options help?
Many thanks for your comments Stephanie.
Regarding "Folder and Project Permissions", as you know, any Regular and External User can move a folder to another folder easily. At that time this folder inherit the persons that are sharing the folder where the user has introduce into. With a simple mouse's movement we can break the Law Data Protection. We are really concerned on that!We can not scale the company with this big issue.
Event we act the "turn off inherited sharing" option, on a medium size company team we can not make sure that in any point of time a Project Manager will makes this big mistake and doesn't tell us or doesn't realise of that staying the folder into tho another. Or more simply, if a Project Manager intents to harm our company, he can move all the folders.
Why can we not define at the maximum level of the detail the permissions of the users? Why can we not have a check permissions list? This tool we can offer more security in different fields, as for example the permission that all users have to download information of the projects.
Meanwhile you can proceed to activate the verification process when a folder want to be moved. Do you have this process defined and useful when a Regular user want to share a task or folder with an given external user. Why can not you apply the same tool in order to avoid the wrong movement of given folders?
We would please ask you to act as soon you can to solve this big and dangerous issue!!
How to Set Up GTD Using Wrike suggests setting up folders as a means of tagging tasks with contexts (e.g. "low energy", "high energy", "home", "office").
In order to leverage this at the team level those folders would need to be shared with everyone. Am I mistaken, or would that not ultimately result in everything being shared with everyone?
With regard to turning off inherited sharing, it says that's an Enterprise plan-only feature. I'd say preventing accidental or intentional sharing of sensitive tasks is far from an enterprise-only concern.
@Joan I apologize for the delayed reply. Thank you for the details. We've tested turning off inherited sharing in different scenarios and it seems to work and address the concerns you mention, but we would love to try it with you see if/how it could work with your team. I was wondering if you would you be available to do a screensharing session? I think looking at your Folder structure could go a long way in this case.
@Ian You definitely can use Wrike for the GTD methodology, the idea is that you share Folders with only the people who need access. For example, you could have a set of Folders that is shared with everyone and then a separate set that has more confidential or private information that is shared with only select people. In terms of turning off inherited sharing, you're right that it's an Enterprise feature. The thought process is that not all companies need deeper security controls but for those that do, we have the Enterprise plan.
Dear Stephanie, our main concern are:
Look forward to hearing you soon. Many thanks.
Hi Joan, understanding your Folder structure and its different levels helps a lot, thank you. I will share this feedback with our Product Managers.
I have another option I want to suggest - but I want you to know that I'm not trying to detract from your post (we're going to share your feedback) and I know that what I'm suggesting is not exactly what you need. In terms of your second point, I'm wondering if sharing Reports with people would be helpful? You can share a Report Snapshot with anyone and if you're sharing with someone who isn't a Wrike user, they won't be able to make any changes. This would only work if the information you need to share is visible on Reports and if people only need to see what's visible on the Report.