Dear ServiceDesk Plus Support Team,

I would like to propose an enhancement to the Solutions (Knowledge Base) module.

Currently, all technicians can generally access shared solutions. From an information security and ITIL best practice perspective, it would be highly beneficial to introduce group-based access control within the Solutions section. Technicians should be able to share and view solutions only within their respective support groups, unless explicitly granted broader access.

This enhancement would align with the ITIL principles of:

• Information Security Management

• Least Privilege (Need-to-Know principle)

• Controlled Knowledge Sharing

Some solutions may contain sensitive operational, infrastructure, or security-related information that does not need to be visible to all technician groups.

For example:

1. Security Operations Group
   A solution documenting internal firewall rules, privileged access procedures, or vulnerability mitigation steps should not be visible to application support or end-user support teams.

2. Infrastructure / Domain Administration Group
   A solution explaining domain controller recovery steps or service account credentials handling procedures should be restricted to the infrastructure team only.

Implementing group-level visibility and permission controls for Solutions would significantly improve information governance, reduce unnecessary exposure of sensitive technical data, and better support compliance and security audit requirements.

Thank you for considering this suggestion. I believe this feature would enhance both security posture and ITIL alignment within ServiceDesk Plus.

Kind regards,