Our intranet has many ways to manage user and content security, allowing you to get very granular about access.
Most security settings allow you to get specific about the content users can:
Security can be managed through a variety of means, primarily folders within Apps, and roles that apply across the entire intranet.
We recommend looking at security with a site-wide perspective, ideally with the assistance of a Steering Committee or Governance documents to help guide the development of appropriate security settings. It's important to strike a balance between security, risk, and delegation, so the right people have access to the appropriate information and tasks. There are also higher-level security settings which your IT staff would likely be responsible for.
Admin Section: Security Tab & Permissions
In the Admin section on the Security tab, you have access to elevated rights and content permissions for both Users and Groups. The only roles which persist across all areas of the intranet are Elevated Rights for Users, primary Super Admin, Administrator, Site Designer, Profile Manager, and Employee Manager.
There are two key ways to modify the security for Apps: folders (sometimes called categories depending on the App) and owners.
Folder security allows you to get very specific about which users or groups can view, add, edit, or delete content. App Owners have full rights to view, add, edit and delete any content within the App, and can also perform some Admin functions such as creating categories and assigning user/group permissions.
There are two key ways to modify the security for Sites: access and owners.
Site access translates to which users can see that the Site exists in the navigation and see the Site content. Site Owners have full rights to view, add, edit and delete any content within the Site, and can also perform some Admin functions such as creating navigation and managing or securing Pages.
Security for Pages can be managed by assigning Page Owners. Page Owners have full rights to view, add, edit and delete any content on the Page, and can also manage Pages and any associated Sub Pages. This is a more restrictive level of security than Site Security, since Sites can have many Pages.