This looks to be a data leak.  How/why can a Parent find all of the assets?
 

@DLeyden 4909d0d pca Thank you for submitting your question to our community!

I am currently looking into this with our development team! I will update you once I hear back from them with an update. 

@DLeyden 4909d0d pca While this has been submitted to our developers for review, it would be a workaround to direct parents to the quick ticket menu instead of the “My Assets” tab. 

You can set up a Quick Ticket for a generic student device (either model or model category), then set up your issue categories and issues. Additionally, you would need to add a custom field requiring them to enter their child’s asset tag. 

The parents can then easily submit a ticket with the asset tag. The agent working on the ticket will copy and paste the asset tag to update the ticket with the proper asset.

@Jessica Adkins Thank you for the recommended workaround, but we can’t really implement the parent login until the ability for parents or students to add favorites has been restricted or addressed, as it constitutes too much of a DLP risk for our schools. We utilize asset information quite extensively for automation and information collection, as well as to selectively share information about assets to agents who do not have access to other systems, so restricting information flow into those assets is not an option either.

Our ideal implementation would be that parents would automatically have all of their students’ devices automatically populated as favorites when they log in, as we provide a small variety of devices and families often submit tickets about the incorrect asset. This causes complications between IncidentIQ and our inventory system, as we need to make manual corrections when a family sends back a device that’s assigned to a different student, or is mistaken about which device belongs to which student when one student withdraws and the another remains with the school.

If this issue does get addressed, implementing quick tickets is a great idea though . Please keep us posted on this, as we have a very tight time window to implement any broad changes while students are out for the summer!

@DLeyden 4909d0d pca I completely understand, and we will definitely keep you updated!

@Jessica Adkins Can we please get an update?

I went ahead and created an idea for this thread; we are working on breaking down those permissions more in order to limit visibility. I was advised by my team to go ahead and create an idea for you to upvote and follow for updates: 

Good morning and Happy Tuesday!

Over the weekend, we released a patch to ensure that only users with the appropriate permissions can favorite assets. This update should allow parents to use the IIQ platform without favoriting assets and therefore without accessing asset metadata.

Please let us know if you continue to experience any issues with this solution.