Revoke User's Access to Work

As an enterprise-level organization, we have multiple departments, and sometimes, users are transferred from one department to another. When this happens, we need to be able to revoke that user's access to their previous department's work in Wrike. However, Wrike implicitly always allows the creator of a task to always have access to it. As a result, we cannot prevent the user from accessing the work they were involved with in their previous department.

I've come up with two options; neither of which we like.

Unshare as much as possible and force everything that can't be unshared to be read-only
Delete the user (instead of deactivating) and re-invite them for the new department

For the first option, the user still has visibility into work in their old department even if they can't make any changes. This is still a privacy concern.

For the second option, deleting a user has several side-effects that we try to avoid by demoting and deactivating the account when people leave:

We are not able to find the user in filters.
Recurring tasks they setup would stop.
If they return to the department in the future, they don't have their previous work.

We need a way to revoke a users access to task they created. This is a necessary feature especially at the enterprise level where users can shuffle around between departments each with confidential information.

Find more posts tagged with

Under review

Status: Under review

Comments

Elizaveta Bogdanova

Hi Joshua 🙂 I think that this suggestion should be covered by Spaces. Employees that are transferred to a different department can be deleted from one space and added to another. Please let me know how that works for your organization!

Joshua Balentine

Hi Lisa,

Spaces does not address the fact that task authors cannot be unshared from a task and always have access even if it's through the "Shared with me" folder instead of a space.

We'd love to have disabled users less visible in our account as well. They are too easily found when looking for @mentions or assignees and aren't noted in any way to be disabled.

Elizaveta Bogdanova

Thanks for getting back to me, Joshua. I'm checking with the Product team for status here, I'll get back here as soon as I have it 👍

Elizaveta Bogdanova

Hey again Joshua, I've checked with the Product team, and they are really interested. This will take time because it might affect other Wrike functionality though. I'll let you know how it goes!

Permanently deleted user

Hi Joshua, just a quick update - the Product team are interested in this and are going to start looking into how they can implement it. For that reason I'm changing the status to "Investigating". As soon as I have an update for you, I'll let you know.