Resilient

Expand all | Collapse all

Visibility of tasks for different user groups

  • 1.  Visibility of tasks for different user groups

    Posted 16 days ago
    Hi,

    I have a custom incident category. We have created custom phase and tasks for this category. I have created a rule for adding tasks to incident.

    But we have different user groups. For example tier2 might see only specific tasks. How can I do this from rule? 

    For example tier1 can see only 2 of tasks in below image. 

    Best
    Jasmine


    ------------------------------
    Jasmine
    ------------------------------


  • 2.  RE: Visibility of tasks for different user groups

    Posted 16 days ago
    1.  Set all tasks to private by default ("Administrator Settings" > "Organization" > "General" > "Settings" > "Default Tasks" > "ON").

    2.  For roles that should only see their own tasks, go to the role settings ("Administrator Settings" > "Roles)
             and uncheck the settings for "View Private Tasks"

    3.  Via a rule, set the members of the tasks.
               Rule type: Task
               Rule conditions: 'Task is created' AND ('Task name is equal to abc' OR 'Task name is equal to def' OR ...)
               Activities: 'Set Field   Task: Members   role_name_here'


    From the Resilient User Guide v34:
    "When viewing an individual task, there are also tabs to view the source of the task, record notes, and upload attachments. In the Members tab of the task, you can mark a task as Private if you consider the task as sensitive and do not wish it to be viewed by the incident team in general. The owner of the incident and members of the task can view a private task."


    ------------------------------
    Jared Fagel
    Cyber Security Analyst Intern
    Public Utility
    ------------------------------



  • 3.  RE: Visibility of tasks for different user groups

    Posted 14 days ago
    I think that is isn't the correct way, because when we want to create a simulation, there is an error:



    ------------------------------
    Jasmine
    ------------------------------



  • 4.  RE: Visibility of tasks for different user groups

    Posted 9 days ago
    Groups cannot be used as task owners.

    ------------------------------
    Ben Lurie
    ------------------------------



  • 5.  RE: Visibility of tasks for different user groups

    Posted 9 days ago
    Hey @Ben Lurie​​,

    I advised setting the task membership to the group (not ownership). Is this what you meant?

    Is setting a group as the members of a task also not possible? That would be a poor design, as this seems like an important use case.

    ------------------------------
    Jared Fagel
    Cyber Security Analyst Intern
    Public Utility
    ------------------------------



  • 6.  RE: Visibility of tasks for different user groups

    Posted 14 days ago
    Could you please provide a document or working example of this issue?

    ------------------------------
    Jasmine
    ------------------------------



  • 7.  RE: Visibility of tasks for different user groups

    Posted 14 days ago
    Is the group listed as an incident member? I forgot to add that in the steps, sorry!

    Recall that tasks cannot be assigned to non-incident members.

    I do not have an example of this to provide, as we do not use this functionality to-date.

    ------------------------------
    Jared Fagel
    Cyber Security Analyst Intern
    Public Utility
    ------------------------------



  • 8.  RE: Visibility of tasks for different user groups

    Posted 9 days ago
    Groups can be assigned as task members.

    ------------------------------
    Ben Lurie
    ------------------------------



  • 9.  RE: Visibility of tasks for different user groups

    Posted 8 days ago
    We are currently evaluating methods of assigning Tasks to Groups, and with that how do we expose that to the Users in the Groups in the platform. Most likely under the My Tasks section under Dashboards.

    Assign tasks to a group

    https://2e4ccba981d63ef83a875dad7396c9a0.ideas.aha.io/ideas/R-I-90

    Assign tasks to a group or person who isn't a member of an incident
    https://2e4ccba981d63ef83a875dad7396c9a0.ideas.aha.io/ideas/RESI-I-10

    It is an interesting thought to control visibility of the Tasks now owned by Groups:

    1. Limit the exposure of the Tasks to the rest of the Members/Owner of the Incident. As mentioned below, can be done today using the Member/Private feature of a Task - with the caveat that the Task Owner will implicitly always have access to that Private Task.
    2. Limit the exposure of the Incident to the Group that has been assigned a Task. So allowing a Groups/it's Members access to only the Task assigned, but not the Incident (or its other Tasks). We would then have to use something like the My Tasks to show those Tasks, because the User(s) would not have access to the Incident.

    Please have at a look at those two RFEs/Ideas, vote, and leave comments/feedback so our Product team can include them in our design thinking.

    ------------------------------
    Brenden Glynn
    CISSP, GCIH
    Incident Response Business Consultant
    IBM Resilient
    ------------------------------