Any update on giving users access to multiple customers but not all?

As many have said in the past, when you have a customer with multiple companies, we need to give a user the ability to access those customers but not all our customers. Also, I recently hired a tech and I want him to have access to specific customers that he’s assigned to. But in doing so, I now give him access to all customers including our own company, which means he has access to all my HR, financial, and business files that no employee should have.

Please tell me this is in the works. I’d rather not have to remove my servers and devices from Syncro.

I hope so too. Seems bad to not to be able eat what you make. Can use our own tools internally because of stuff like this. :frowning:

This is something we’d like to do at some point, but it’s not currently on the radar.

I think I speak for most of us when I say this is a high priority item.

Yes high priority item. I am in the exact same boat. Cannot use Syncro on my own devices because of the security risk. Really sucks when I want to quickly test a script and I do not have a device enrolled.

Thanks, @john7 I hadn’t considered the impact on internal security controls in our business of not being able restrict clients and PCs from being accessed by users in SyncroMSP

Essentially, we cannot stop an internal person accessing an internal PC in our business, and we cannot run any reports on who, what, when, why activites on any of our internal PCs.
This violates the Information Security Principal of Least Privilege.
Access control |

Fortunately, in SyncroMSP we can at least run an Asset Audit report, to show who used the Remote Session and Background Tools on Internal PCs.
But that is like finding out which way the horse ran after it bolted through the gate…and business owners would need to regularly check the report…they already have enough other things to do.