Settings and activity

1 result found

1. User Role - Restrict access to specific Settings

   452 votes

   vote vote vote

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   vote

   We’ll send you updates on this idea

   243 comments  ·  For small businesses » Settings & user roles  ·  delete…  ·  Admin →
   How important is this to you?

   Not at all You must login first! Important You must login first! Critical You must login first!

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Submit Rating
   Not in pipeline  ·  AdminKelly Munro (Community Manager, Xero) responded

   Hey everyone, we've been following the conversation closely and we want to acknowledge how important this is for many of you.

   Atm, we’re on a long journey to provide more controls within Xero features that our customers need. Being such a broad idea that touches many areas of our platform, we’d like to encourage adding your votes to specific user permissions that matter most to you, such as:

   • Bank Accounts: For more control over who can see bank account balances and access specific accounts, please see the idea here: User Role - Restrict access to individual bank accounts
   • Sales and Invoicing: If you’d like to see changes to permissions around sales reporting and editing invoice templates, you can follow that conversation here: User roles: Restrict access to Invoice Settings
   • Reports: To have your say on restricting access to specific reports, the relevant idea is here: User permissions - Assign user access to specific reports

   This change will allow us to focus on the more specific requests to explore. If you don’t see the user permission you’re after, raise a new idea here.

   We're thankful for the time and effort you've put into sharing your thoughts on this. Your feedback is valuable, and helps us better understand the priorities and needs of the community as we continue to evolve Xero.

   Hey everyone, we've been following the conversation closely and we want to acknowledge how important this is for many of you.

   Atm, we’re on a long journey to provide more controls within Xero features that our customers need. Being such a broad idea that touches many areas of our platform, we’d like to encourage adding your votes to specific user permissions that matter most to you, such as:

   • Bank Accounts: For more control over who can see bank account balances and access specific accounts, please see the idea here: User Role - Restrict access to individual bank accounts
   • Sales and Invoicing: If you’d like to see changes to permissions around sales reporting and editing invoice templates, you can follow that conversation here: User roles: Restrict access to Invoice Settings
   • Reports: To have your say on restricting access to specific reports, the relevant idea is here: User permissions - Assign user… more
   An error occurred while saving the comment
   Wendy Xing commented  ·  02 February, 2024  ·  Edit…  ·  delete…

   I am writing to express my serious concern regarding the current permission system implemented in our XERO platform, which I believe poses a significant risk to management processes. The existing system lacks a crucial middle layer of permissions, offering an all-or-nothing approach that is neither secure nor practical.

   At present, the permissions are so broadly defined that they allow for only very limited or almost complete access. This lack of granularity means that accountants, among others, can view and even edit almost everything within the system. Such extensive access is not only unnecessary for their role but also represents a substantial security risk that could potentially lead to data breaches, unauthorized transactions, or other forms of misuse.

   The absence of a nuanced permission structure does not allow for the balanced distribution of access rights, which is essential for maintaining the integrity and confidentiality of sensitive company information. It is unsettling to know that the current system does not provide the means to effectively control or limit access based on the specific needs and responsibilities of different roles within the organization.

   Save Submitting...
   Wendy Xing supported this idea  ·  02 February, 2024