Account option to disable giving access to "All Users" - security enhancement

I was training my team on setting up metrics, models and data sources, and I had to emphasise and repeat the instruction to not share objects with "All Users". This is because we have partners using our instance, so we use groups to control access. I then realised that this is a security flaw rather than a training issue.

My suggestion is to add an option in security settings to disable the ability to select "All Users" for access control.

I know this probably won't get as many votes as core functionality suggestions, but I hope you consider this important anyway as security features are usually more desired after something has gone wrong than before it has.


Please sign in to leave a comment.