Business information is your competitive advantage. The security of your information is our highest priority. site|folio’s security model is the most robust and granular in the industry. We enable organizations to define exactly who can do what, with which items, and under what conditions. This matrix of users, actions, items and conditions allows for extreme micromanagement of access to your data.

Because assigning permissions on an individual basis is potentially laborious, site|folio provides two methods for applying pre-defined sets of permissions to entire groups of users.

roles | Role-based security is the foundation of site|folio’s security model. A role is a collection of permissions –view, add, edit & delete –on documents, individual pieces of data, or actions within site|folio. Administrators create a library of roles, which are then assigned to users. In this way, a common set of permissions is defined once and then applied to as many users as needed.

Where applicable, site|folio supports defining permissions to an even more granular level - relative to the status of the document or action in question. For example, create a role that specifies the given user may only view ‘issued’ change requests. This level of permission-setting allows for stringent workflow enforcement.

teams | Where permissions are similar across multiple projects for a set group of users, “teams” provide a method for easily managing their rights. Create a team, add members, add the projects in question, and add one or more roles to the team as a whole. Roles assigned to the team are inherited by each team member. Now all members of the team have the same access to the given group of projects.

Suppose a team member requires specific permissions (on the same group of projects) outside of those defined by the role(s) assigned to the team as a whole. The administrator can simply apply another role exclusively to the individual member, granting them additional rights.

override | Override role or team permissions on any given item, so you can dictate only certain people have access to a specific folder, for example. Item-level settings can be incorporated into a project template, providing a powerful method for broadly distributing and controlling access by external consultants. Assign the “consultant” role and specialized folder-by-folder access is set across all applicable projects.

site|folio’s security framework enables administrators to dictate direct or ‘one-off’ rights, allowing a single user access to a single project or intranet page. This creates an effective means for granting access to users, such as contractors, that only require access to a single project in the system. For larger projects, administrators can grant the right-to-distribute-roles permission to another project stakeholder. So, if a project requires a ‘revolving door’ of users needing access to the project, that person may assign and remove access to that project as required.

site|folio’s user-controlled security allows all users to manage access to their ‘stuff’. Any supported item – such as an uploaded document, comment or contract – may be restricted by the item’s author upon creation or editing. Restrictions may be set for entire teams or individual users, so the author dictates and knows exactly who can access the item in question.

Understanding who is doing what and when is crucial to maintaining control of your intelligence and ensuring accountability. site|folio automatically tracks all activity, system-wide, ensuring you know:

• How often and how recently any user accessed site|folio.
• Who created, viewed, uploaded, downloaded, edited and marked up any form, document or drawing – and when.
• Which data points have changed in a report, via integrated highlighting.
• What notifications and status changes were generated by workflow.
• Exactly what items you have read or viewed, and which have changed since then.