Is there an option to restrict WHO can invite others to collaborate in an organization?
OR
Is there an option to completely restrict someone outside an organization to access a file, even if he is invited by someone within ? (Admin pains)
Suggestion 1 : Some options for admin to restrict/allow others to invite others.
Suggestion 2 : Some option to restrict organization level files from outside access (even with invite)
Suggestion 3 : A new “FILE_SHARE” Webhook to catch the file share event and do some workarounds to avoid this problem.
Page 3 / 3
Please comment, upvote, share, expand on this thread. I really don’t want to have to change tools again but this is unacceptable and literally why we left our last tool. If they are pay-walling basic access controls I will not have anything to do with their platform.
You know after all the kerfuffle regarding Enterprise and none of its features coming to Organization, it dawned on me that (AFAIK), even Entreprise seems to be missing one of the features that, when you think about it, would already bring this level of individual responsibility and consequent security that we’re all missing:
For every Figma member, show WHO invited them
You can now randomly find instances where the person who upgraded someone as editor is visible. And maybe some other examples. But not all.
Just show for every role change, including invitation as viewer, who was the initiator. At the very least, you can educate those “enablers” with whatever Figma access policies you have at your company.
Hope another design tool beat FIgma.
Again cleaned up multiple editors from our Figma org who had joined using gmail and whatnot for Figma their account and had instantly upgraded themselves to editors. Someone must have had invited them so I guess they were not totally outsiders but it’s getting really painful to manage the Figma users and this security loophole is frightening.
I do understand that there’s need for the Enterprise tier but it should be justified by feature set (i.e. workspace). Security cannot be part of that, it just needs to be present at all Figma plans.
You were wishing to get more control over permissions in order to make admin’s tasks easier and have more control of editors? Best $Adobe can do is less control:
Figma last week pushed an unnanounced update where people can request to join Teams ONLY WITH EDIT RIGHTS, by default. They even removed the text field where people can write a reason to request access.
I repeat: every time a user request access to a Team, instead of having the option to request view and edit access, it will be sent with edit access, even if they don’t need to edit anything. Try it yourself, click “request access” in any team you’re not in.
Here’s the official statement from support after we contacted them thinking this was a bug (so naive of us!)
I could swear I saw somewhere that Enterprise would allow to restrict who can invite others, but it’s still not available. Unbelievable for more than $70 per month per editor.
I can’t believe that this is true. I just went to see where I messed up and found that there is no way to stop people without budget approval from just inviting others and ballooning the bill.
