CasewareDocs

Controlling access to Caseware Working Papers files

Content in this topic requires Caseware Working Papers.

The Working Papers security feature combines Cloud's ease of user management with the detailed protection settings available in Working Papers files.

Working Papers security works very similarly to the security roles used in Cloud for managing access for your users and groups. First, you create Working Papers roles in Cloud, and then you can enable Working Papers security for your organization. Once security is enabled, you can activate this advanced protection on Working Papers files that your organization has published to Cloud, assigning the Working Papers roles to your staff members to grant them access to the appropriate areas of the file.

Cloud Protection and roles

Cloud roles and permissions control Cloud Protection, whereas Working Papers security controls access inside the Working Papers file.

Who can enable or disable Cloud Protection?

  • Staff with the Owner role (with Assign/Share file permissions) or equivalent privileges can enable or disable Cloud Protection from both Working Papers and Caseware Cloud

  • Staff with the Editor role or equivalent privileges can see the option to enable or disable Cloud Protection in Working Papers but cannot use it, and do not see the option at all in Caseware Cloud

Current limitation in Cloud roles

Cloud Security roles do not currently include dedicated permissions for enabling/disabling Cloud Protection. Because of this, Cloud roles alone cannot fully prevent an Owner from disabling Cloud Protection.

We recommend that you:

  • Restrict the Owner role to a small administrative group.

  • Set the Default for Creator tag to the Editor role (or another non-Owner role) in Settings | Roles Permissions.

  • Create custom roles without Assign/Share file permission for users who should not be able to disable Cloud Protection.

If you are concerned about accidental changes to Cloud Protection settings, you can replace CW.MNU to remove the menu command in Working Papers. While this does not prevent users with the appropriate permissions from enabling or disabling Cloud Protection, it serves as a useful preventive measure.

How to import security configuration settings from Working Papers

If your organization already uses the protection settings available in Working Papers, you can export your data from the Data Store Administration Tool and then import these settings into Cloud.

To import security configuration settings from Working Papers:

  1. Ensure that you have the Settings Admin role or equivalent privileges.

  2. From the Cloud menu, select Settings.

  3. Select Working Papers | Working Papers Security. The Working Papers Security page is displayed.

  4. Enable the Security Default toggle. This ensures that all new Working Papers files use advanced protection by default, and is a requirement for using Working Papers security.

    The Security Defaults toggle in Working Papers security settings.

    For information on applying advanced protection to existing files, see How to enable advanced protection on an existing Working Papers file.

  5. Select the New button, then select Import. The Import dialog is displayed.

    The import dialog for Working Papers security settings.

  6. Select the Select Files button.

  7. Select the .txt file you have exported from the Data Store Administration Tool, and select Open. The Import Staff and Groups dialog is displayed.

    The Import Staff and Groups dialog for Working Papers security settings.

  8. Review the staff members, the groups, and the roles that will be imported. You can rename any groups or roles and edit their descriptions.

  9. Once you have finished reviewing the import content, select Import.

The security roles from your Working Papers file are created in Cloud. You will automatically create new staff profiles for any users in the import who did not already have a profile, and you will also automatically create groups.

How to create Working Papers security roles

If your organization does not use Working Papers protection, you can create Working Papers security roles in Cloud. These advanced roles use the same list of permissions that Working Papers supports.

To create Working Papers security roles:

  1. Ensure that you have the Settings Admin role or equivalent privileges.

  2. From the Cloud menu, select Settings.

  3. Select Working Papers | Working Papers Security. The Working Papers Security page is displayed.

  4. Enable the Security Default toggle. This ensures that all new Working Papers files use advanced protection by default, and is a requirement for using Working Papers security.

    The Security Defaults toggle in Working Papers security settings.

    For information on applying advanced protection to existing files, see How to enable advanced protection on an existing Working Papers file.

  5. Select the New button, then select Create. The Create Working Papers Role dialog is displayed.

    The Create Working Papers Role dialog. Permission categories are displayed on the left, and permissions are displayed on the right.

  6. Enter a role name. You can also enter a description.

  7. Choosing a category on the left will display its permissions on the right. Select all Working Papers permissions that apply to your new role.

  8. If your organization uses CaseView access levels, select the CaseView documents access level category on the left and select an access level appropriate for your role.

    Select one of the CaseView documents access levels to grant it to your security role.

  9. Select Save.

You have now created the new Working Papers security role. Once you have created a few roles that reflect the type of protection you need, you should be ready to enable Working Papers security.

How to enable Working Papers security

Once you have Working Papers security roles created on Cloud, you can enable Working Papers security. This is a system-wide setting that will enable users to activate advanced protection on specific Working Papers files.

To enable Working Papers security:

  1. Ensure that you have the Settings Admin role or equivalent privileges.

  2. From the Cloud menu, select Settings.

  3. Select Working Papers | Working Papers Security. The Working Papers Security page is displayed.

  4. Select the Disabled button.

    Select the Disabled button near the top of the page.

  5. Select Yes when prompted.

    This dialog notifies you that advanced protection can be enabled on individual files if you turn on Working Papers security.

You have now enabled Working Papers Security for the entire organization, which means that you can enable advanced protection on existing Working Papers files.

How to enable advanced protection on an existing Working Papers file

Once Working Papers security is enabled for the organization, owners for published Working Papers files can enable advanced protection for them. This will let you grant access to staff members by assigning them Working Papers security roles on published files.

Note: New Working Papers files will automatically have advanced protection enabled as long as Security Default is toggled on.

To enable advanced protection on an existing Working Papers file:

  1. Ensure that you have the Owner role or equivalent privileges for the Working Papers file.

  2. From the Cloud menu, select Working Papers.

  3. Select a Working Papers file, then select the Share button ().

    Select the Share icon in the details pane.

  4. Select the More Actions () | Enable Advanced Protection.

    Select Enable Advanced Protection in the Share dialog.

  5. Select one or more users to whom you will give the Advanced Role for this Working Papers file.

  6. Select the Assign Roles to (#) button at the bottom left corner of the Share dialog, then select the applicable Advanced Role.

    Select one of the advanced roles to grant these Working Papers permissions to the selected user.

  7. Select Share.

You have now enabled advanced protection for this Working Papers file. The users you selected will have access to the areas of the file based on their role, and they will gain all corresponding Working Papers permissions for it.

Controlling access to Caseware Working Papers files | Caseware Docs