Revenue Operations (RevOps) Blog | RevPartners

Understanding HubSpot Permissions

Written by Adam Statti | June 3, 2024

If you want to maintain security and optimize productivity (who doesn’t?), then learning to manage HubSpot user permissions is a must. Proper permissions management ensures that users have appropriate access to tools and data, minimizing risks and streamlining workflows. By clearly defining user roles and access levels, businesses can protect sensitive information while empowering team members to perform their tasks efficiently. 

Let’s take a look at the different types of HubSpot permissions and recent updates that can help you get the most out of your HubSpot CRM investment.

 

Permissions for Specific HubSpot Features

Marketing Hub Permissions

  • Campaigns: Control who can create and manage campaigns. 

Example:  Only senior marketers can approve campaigns, while junior staff can draft them.

  • Emails: Restrict who can draft, edit, and send marketing emails. 

Example: Junior marketers may draft emails requiring senior approval before sending.

  • Landing Pages: Manage who can create and publish landing pages to maintain brand consistency. 

Example: A designated team may handle all approvals.

  • Social Media: Define who can schedule and post updates. 

Example: Social media managers have full rights, while interns draft posts for approval.

Example: Limit this to experienced team members to avoid errors and ensure efficiency.

Sales Hub Permissions

  • Quotes: Control who can create and edit quotes. 

Example: Sales reps can generate quotes, while managers review and approve them.

  • Pipelines: Set permissions to manage visibility and edits within sales pipelines

Example: Reps see only their pipeline, while managers oversee all pipelines.

  • Documents: Manage access to sales documents. 

Example: Sensitive documents may be restricted to senior sales staff for confidentiality.

Service Hub Permissions

  • Tickets: Control access to ticket management. 

Example: Support agents handle tickets, while supervisors oversee the process.

  • Customer Feedback: Manage who can view and act on customer feedback to ensure sensitive feedback is handled appropriately.

       Example: Managers have full access, while agents see aggregated data.

 

Need help with your HubSpot onboarding?

 

Recent Updates and Changes to HubSpot Permissions

 

Enhanced Role-Based Access Control (RBAC)

HubSpot has introduced more granular control over role-based access, allowing administrators to define permissions at a highly detailed level. This update facilitates the creation of specific roles tailored to unique business needs, enhancing security and operational efficiency.

With these enhanced RBAC and custom permission sets, administrators can precisely control who has access to various tools and data. 

Example: A marketing manager can be granted access to social media tools without being allowed to view or modify sales data. 

This level of specificity ensures that sensitive information remains protected while providing team members with the necessary access to perform their roles effectively.

Audit Log Enhancements

HubSpot has expanded its audit logs to provide more detailed information about user activities, including tracking changes in permissions. This enhancement aids in compliance and security monitoring, offering organizations detailed records that are crucial for meeting regulatory requirements.

Such detailed audit logs are particularly important for industries with strict compliance needs, such as finance or healthcare, where maintaining meticulous records of permissions and user activities ensures adherence to legal and security standards.

Example:  A healthcare provider using HubSpot can utilize these enhanced audit logs to track and document any changes made to user access regarding sensitive patient data. 

This capability ensures that any adjustments to permissions, whether granting, modifying, or revoking access, are recorded in a way that complies with HIPAA regulations. This level of detail not only helps in audits but also in providing transparency and accountability in data management practices.

Custom Permission Sets

Administrators can now create custom permission sets that go beyond the default roles. These sets can be assigned to individual users or groups, providing more flexibility in access management.

Example: If the Marketing department needs access to the Sales calendar to coordinate on promotional events, an administrator can create a custom permission set that grants the Marketing team access to the Sales calendar and essential customer data while keeping financial details restricted.

Temporary Access Tokens

A new feature that allows administrators to grant temporary access to users for a specified period. This is useful for project-based work or temporary assignments.

Example:  If a consultant is hired for a three-month project, an administrator can issue a temporary access token that grants them the necessary system privileges for the duration of their contract. 

This ensures the consultant has the access needed to perform their duties without retaining long-term access post-project.

Dynamic Teams

HubSpot has introduced dynamic teams, capable of automatically adjusting membership based on predefined criteria like department or project involvement. This feature ensures that permissions remain synchronized with the user’s current role, offering flexibility and reducing administrative burden.

Example: When an employee transitions from the sales department to marketing, their permissions seamlessly update to reflect their new role. 

This automatic adjustment streamlines access control management, ensuring that team members consistently have appropriate permissions without manual intervention.

Advanced Reporting Permissions

These permissions empower administrators to regulate report creation, viewing, and sharing. This feature enhances data protection by controlling access to sensitive business information.

Example: Senior management may be granted exclusive access to financial reports, while team leads can access performance metrics. 

By restricting access based on roles, organizations can safeguard confidential data and maintain data integrity effectively.

Integration Permissions

With these specific permissions to manage third-party app access, administrators now have granular control over which users can add or modify integrations, helping to improve security and data protection.

Example:  In a marketing agency using HubSpot, the administrator can restrict modification access to the marketing team members responsible for managing the CRM integration. 

By doing so, they ensure that only trusted individuals with the requisite expertise can make changes to integrations, reducing the risk of unauthorized access or data breaches through external apps. 

API Access Controls

Enhanced API access controls enable administrators to define specific access levels for users or applications interacting with the API. This capability is particularly critical for developers and third-party app integrations.

Example: A third-party CRM integration might be granted read-only access to contact data, preventing any unauthorized modifications. 

This approach ensures that external interactions with HubSpot's API are tightly regulated, safeguarding sensitive data from potential misuse or breaches.

Summing Up HubSpot Permissions

Managing HubSpot permissions effectively is important for maintaining data security and operational integrity. It’s also essential to regularly review and update permissions to align with evolving organizational needs and personnel changes. By staying proactive in permissions management, businesses can mitigate risks, enhance efficiency, and foster a culture of data accountability within their HubSpot environment.