Security Tags

Security tags are a very powerful tool that can be employed by the administrator to impose different views of the central database on different users.

You can defined security tags for read-only passwords under Preferences/Security. Similarly, you can define security tags for each entry in the database under Properties.

Mutually-exclusive views

Let us take a look at an example of how to use security tags to create mutually-exclusive views of the database. Suppose the database has three folders: "HR", "Engineering" and "Marketing". The administrator then assigns the following security tags to these folders:

He then creates the following read-only passwords with these security tags:

Now, when a user logins using "password1", he will only see the "HR" folder (and the entries under it). He will not see the other two folders. This arrangement gives rise to mutually-exclusive views where a user who logins using a certain password will only see a particular folder.

Hierarchical views

Let us take a look at an example of how to use security tags to create hierarchical views where a person with high security level can view all entries that have equal or lower security levels.

Suppose there are three folders in the central database: "Low security", "Medium security" and "High security", with the following security tags:

The following read-only passwords are created:

With this configuration, a user who logs in using "lowpass" will only see the folders "Low security", but a person who logs in using "highpass" will see all three.

Security tags can be assigned to both folders and entries. If a security tag are assigned to a folder, it will apply to all folders/entries within it. If a security tag is assigned to an entry, it will only be used if the parent folder does not have any security tags assigned, otherwise it will inherit the security tags of the parent folder instead.