Security: Controlling Access to your Data
Security is one of our primary concerns here at Dedoose, and we feel the best possible person to be in control of your data, is you. With that in mind we have designed the Security workspace to make it easy to invite other users into a project for collaboration, as well as controlling what data within that project they are able to create, alter or view. This is done via ‘Access Groups,’ which determine the level of access users receive to specific portions of the project.
Access Groups
When you add someone to a project via the Security Workspace, you are met with a prompt to assign them to an access group. An access group defines what level of security they are granted for your project, and what actions they can or cannot perform. These groups are predefined by Dedoose and are available to be seen in the Security workspace. Each Dedoose access group is distinguished by the privilege settings for all aspects of a project database (Codes, Media Files, Excerpts, Descriptor Fields, Descriptors, and Security).
Note: For many users, allowing colleagues full access to the dataset is perfectly acceptable. This means you can invite users into the already existing "Full Access" group.
For users who wish to restrict access to their project we have several ‘Access Groups’ with varying amounts of access to fit as many needs as we can. Below are the most popular access groups, followed by descriptions of each access group available.
Most Used Access Groups
Full Access: Complete create, edit, and delete privileges for all aspects of project and full access to security center control (ability to add users, edit all user information, create access groups, assign users to groups). Appropriate for project administrators/managers, and trusted collaborators
Project-Wide Assistant: Provides full access to create, edit, and delete all project related data. However, this group has no security access and thus cannot add or delete people from a project. Appropriate for trusted collaborators who you do not want adding additional people to the project.
Standard Assistant: Ability to view all codes, descriptor fields, and descriptors, create media and excerpts, and code and delete excerpts that they have created. No access to Security Center.
Guest Access: Ability to view all data, excluding Security Center information. No privileges to create, edit, or delete any data. Ideal for someone you want to view the project, but unable to make any changes or view project collaborators.
No Access: No view, create, edit, or delete privileges. Appropriate for maintaining a user's link to project but removing all access privileges for a period of time. Note that removing a user entirely also removes the reference for any objects they created. Accordingly, this group can be useful if an individual leaves a project, but you wish to maintain ability to identify the work they contributed.
All Access Group Categories:
Access category descriptions are below:
- Full Access: Complete create, edit, and delete privileges for all aspects of database and full access to security center control (ability to add users, edit all user information, create access groups, assign users to groups). Appropriate for project administrators/managers only
- Project-Wide Assistant - Complete create, edit, and delete privileges for all aspects of database. Security Center access is limited to modifying own user account (change user information and password). Appropriate for a trusted project director/coordinator
- Project-Wide Assistant with Limited Excerpts - This group allows users to carry out most activities in the project. The only restrictions are that they cannot access the Security Center, modify or delete media they did not create, AND they can only see and work with excerpts that they created. Security center access is limited to modifying own user information (change user information and password). Appropriate for a trusted project director/coordinator
- Project-Wide Assistant with Isolated Excerpt Access - This group allows users to carry out most activities in the project. The only restrictions are that they cannot access the Security Center, modify or delete media they did not create, AND they can only see and work with excerpts that they created
- Project-Wide Assistant with Restricted Media and Excerpts - Complete create, edit, and delete privileges for codes, and descriptors and descriptor fields. Can view all media and excerpts, but can only edit and delete their own. Security center access is limited to modifying own user account (change user information and password). Appropriate for a trusted director/coordinator
- Project Manager with Restricted Excerpts - Ability to create, edit, and delete media, codes, descriptors, and descriptor fields. Can only edit and delete self-created excerpts. No access to the Security Center.
- Super Duper Assistant - Ability to view all codes, descriptor fields and descriptors, create media and excerpts, code, modify and delete excerpts, and delete media files that they have created. No access to Security Center
- Super Assistant - Ability to view all codes, descriptor fields and descriptors, create media and excerpts, and code, modify, and delete excerpts that they created. No access to security center.
- Standard Assistant with Code Tree Privileges - Complete create, edit, and delete privileges for the code tree. Restricted access to media files and excerpts, allowing them to only edit and delete them if self-created. Only view access for both descriptor fields and descriptors. No access to the Security Center
- Standard Assistant with Full Document and Descriptor Privileges – Complete create, edit, and delete privileges for media, descriptors, and descriptor fields. View only access for codes and can only edit and delete self-created excerpts. No access to Security Center
- Standard Assistant with Descriptor Privileges - Ability to view all codes, create media and excerpts, and code and delete excerpts that they created. Can also view, edit, and delete descriptors and descriptor fields. No access to Security Center
- Standard Assistant - Ability to view all codes, descriptor fields, and descriptors, create media and excerpts, and code and delete excerpts that they have created. No access to Security Center
- Restricted User - Ability to view all data in database, but no ability to create, edit, or delete any data. No access to Security Center
- Restricted Excerpts for Coding - Complete create, edit, and delete codes, and descriptors and descriptor field privileges, but can only edit and delete excerpts that are self-created. No access to Security Center
- Restricted Excerpts for Coding with only Code Tree Viewing - Ability to view codes, descriptors, and descriptor fields. Can also add media and excerpts, but only edit or delete ones that they have created. No access to Security Center
- Guest Access - Ability to view all data, excluding Security Center information. No privileges to create, edit, or delete any data
- Anonymous Viewer - Ability to explore and view project data, but no privileges for descriptor sets, fields, and data. No access to Security Center
- No Access - No view, create, edit, or delete privileges. Appropriate for maintaining a user's link to project but removing all access privileges for a period of time. Note that removing a user entirely also removes the reference for any objects they created. Accordingly, this group can be useful if an individual leaves a project, but you wish to maintain ability to identify the work they contributed.