I am an admin over a government site that has both internal and external users. We have been trying to decide if it is better to give users delete rights or not and if so should we give them to the internal users only or give to all users. I would like to know what other organizations are doing & if they have agreed with that deployment.
Gary, I am an Admin for an Engineering firm. We give delete permissions to our Project Discipline Task Leads only. Project Team Members and External Users do not have delete permissions. At first there were a lot of complaints but after time they gave up arguing and live with it. It does create a little extra work as we create a ProjectWise Logical Group for the Task Leads for each project. All in all I feel it works fairly well, we definitely get less requests from users to restore files they accidentally deleted.
We let the project manager decide. Usually we try to talk them into at least limiting create & delete folder capabilitiy for everyone (internal & external) except project leads as that can go crazy.
Frequently file delete is given to external projects if their are folders for each company, and then only in their own folders.
For more strict Project Leaders we typically have a group we call Power Users that can delete files & folders (also free other users files) and then we'll restrict that ability.
Plug time: I'm doing a session at the King of Prussia Bentley LEARN conference on HNTB's security policies.
5 years later . Kev v H - is this still your current method for controlling Document Delete? We have considered trying to automate the process and have hit a number of pitfalls in the attempt. I believe each Project Team (from 6 to 10 members) should have at least 2 members trusted with document delete access/permission. I like your Power User group idea; every Project team would then have at least one member of the group.
Yes. Each project gets its own Power Users group. That group has the ability to create/delete/free files and folders anywhere in the project. This group is usually 2-4 people but the project selects who they are.
Our recommendation to projects is to not give create/delete folders to other users, sometimes they agree with us, sometimes they don't. Either way we try to get them to have a standard set of permissions and we can usually template their preferences then tweak as needed.
We have specific data managers in high-level teams that have delete permissions on files only because folders / projects were / can be more challenging to restore.