This article provides an overview of evidence access control and the access list in Evidence.com.
Procedures for using the access list are linked below:
- Adding Users and Groups to the Inside My Agency Access List
- Modifying Inside My Agency Access List Information
- Removing Users and Groups from the Inside My Agency Access List
- Manually Restricting Evidence Inside My Agency
- Removing Evidence Restriction
- Providing Evidence Outside Your Agency
Access List Training Class Recording
Access Control Overview Video
What is Access List?
Access List is the new workflow for controlling access to evidence in Evidence.com. It allows you to grant access to users and groups, as well as restrict access to only users and groups on the access list. Each piece of evidence has its own access list. So, you can individually manage access and restrict evidence as needed.
Default Access to Evidence
Default access is based on the user's assigned role. Additionally, any user added to the evidence access list is also granted access. For evidence that is not restricted, the access list is additive to initial role-based access. So, both role-based users and access list users are granted access to evidence. For restricted evidence, only users assigned to roles with the Access Restricted Evidence permission and those on the access list are granted access the evidence.
Access List Information
You can get a snapshot view of the number of users and groups on the access list for an evidence file on the Evidence Detail page. This view also shows if the evidence is restricted.
A detailed view of user access can be found by clicking Inside My Agency to go to the Manage Access page for the evidence. The Manage Access page is used to add and remove users and groups from the evidence access list and to manually restrict the evidence.
The upper portion of the Manage Access page shows if the evidence is restricted, the number of users and groups on the access list, and the number of users that can view the evidence due to the permission settings for their assigned role. The upper portion of the page also includes the link to the evidence page, allowing users to easily copy the link so it can be pasted into reports, documents, and other applications. Note that anyone using the link must still sign into their Evidence.com account and be on the access list or have permission to view the evidence.
The image below is the same Manage Access page when the evidence is restricted, showing users assigned to a Role with View Any permission no longer have access. Only users and groups on the access list or that are assigned to a role with Access Restricted Evidence permission have access to the evidence.
The lower portion of the Manage Access page shows the users and groups on the access list for the evidence. The list shows the user or group name, access level permission, evidence access duration, and when the user or group was added to the list. If the evidence is restricted, only the users and groups on the list can view the evidence.
Restricted Evidence Access Control Role & Permission information
In general, access to restricted evidence is controlled by the access list. But users can be assigned to roles with a permission that allows them access to all restricted evidence in your agency. This permission is in the Evidence Management permissions section and requires a Pro License.
- Access Restricted Evidence: This permission setting allows users to access all restricted evidence inside your agency without being on the evidence's Access List. This permission requires that Evidence Management View be allowed for the associated role.
Providing Evidence Outside Your Agency
Providing access to evidence for users outside your agency can be accomplished by adding users or groups to the Outside My Agency access list for the evidence from the evidence search page or evidence detail page. Additionally you can provide access to evidence using an unauthenticated download Link from the evidence search page.