Cloud Security
Working Papers security can be managed from Cloud to simplify the administration of users and file permissions across your firm. Cloud security offers much of the same functionality available with the Data Store Administration Tool and can be used in place of the Data Store (you cannot use both Cloud and Data Store security together in the same engagement file). When using Cloud security, you can only enable Protection for engagement files that are published or integrated with Cloud.
Note: Some features in Working Papers are not available when using Cloud security. Before you enable this feature, refer to Considerations before using Cloud security.
To set up Cloud security, you must complete the following tasks:
- Set up users, staff groups, and roles in Cloud (manually or importing via Data Store)
- Enable Working Papers security in the Cloud firm
- Enable Advanced Protection on the Working Papers file (in Working Papers or Cloud)
Users, Staff Groups, and Roles
Users, staff groups, and roles can be created in Cloud or imported from the Data Store Administration Tool.
In Working Papers, a group has two parts: the users that are members of that group, and the file rights that have been assigned to that group. In Cloud, these parts are managed independently as "staff groups" and "roles". Staff groups are simply firm designated user groupings and roles are sets of permissions. Roles can be assigned to a staff group to grant role permissions to all users in the group. Roles can also be assigned to users individually.
If you are using the Data Store Administration tool, you can export the list of Working Papers users and groups and then import them into Cloud.
- For Data Store export instructions, see Exporting Users and Groups from the Data Store for Cloud.
- For Cloud import instructions, see Importing Working Papers Users, Staff Groups, and Roles.
If you are manually creating users and staff groups in Cloud, see Users and Groups.
If you are manually creating roles in Cloud, see How to create Working Papers security roles.
The default roles in Cloud include the Viewer role and Editor role. These roles partially correspond to the Read and Read/Write file permissions in Windows. These roles can have different implications on your file depending on whether you have enabled Cloud security, and whether you have published or integrated your Working Papers file.
Cloud security enabled
Cloud role | Published Working Papers file | Integrated Working Papers file |
---|---|---|
Viewer |
File is read-only. User cannot make changes to the file unless connected to the parent file - and is further limited by the permissions granted under Advanced Protection. |
File is not read-only. User can make changes to the file based on the permissions granted under Advanced Protection. |
Editor |
File is not read-only. User can make changes to the file based on the permissions granted under Advanced Protection. |
File is not read-only. User can make changes to the file based on the permissions granted under Advanced Protection. |
Cloud security disabled
Cloud role | Published Working Papers file | Integrated Working Papers file |
---|---|---|
Viewer |
File is read-only. User cannot make changes to the file unless connected to the parent file. |
File is not read-only. All areas can be modified. |
Editor |
File is not read-only. All areas can be modified. |
File is not read-only. All areas can be modified. |
Enabling Working Papers Security for the Cloud firm
You must first activate Working Papers security at the firm level in Cloud before enabling it at the file level. Firm administrators can activate this feature from Firm Settings, see Enabling Working Papers Security for the Firm for instructions.
When enabled, you can specify that all new files use Advanced Protection by default. Setting this default will automatically enable Advanced Protection on any new files that you publish to or integrate with Cloud.
Enabling Advanced Protection on the Working Papers file
With Working Papers security enabled, you can also manually activate or deactivate Advanced Protection on a file from Cloud or from Working Papers.
- From Working Papers, use the options under Tools | Protection.
- From Cloud, use the Share command on the Working Papers page.
For additional instructions, see Controlling access to Working Papers files.
After enabling Advanced Protection, the menu items under Tools | Protection will change to reflect the options for Cloud, and the Protection dialog will be replaced with the Cloud share page. You can then review role assignments on this file.