Security

Access controls

Limit who can open a source, work in a collection, review a result, share a link, or download a file. Polytrace keeps access tied to the work people are doing so teams can follow least-privilege rules without slowing down reviews.

Book demo See pricing
Access controls concept illustration Answer who can see what and how access is enforced in Polytrace.

Highlights

Core capabilities

Least-privilege access

Give people the minimum level of access they need across sources, views, shares, and downloads.

Context-limited views

A collection or shared output can stay limited to the records and thread context that belong in that workflow.

Separate external sharing surface

External viewers use a constrained share surface instead of the full internal workspace.

Access evidence

Audit history helps teams answer who had access, what they opened, and what was shared.

Layers

Access layers

Organization and team boundaries

Each customer environment stays isolated so records are not mixed across organizations.

Role and reviewer access

Teams can limit who can work with sensitive sources and who can review narrower record sets.

Collections and shared outputs

Access can stay attached to the exact collection or output someone is meant to open.

Downloads and external sharing

Download rights and outside sharing can be limited separately from internal review access.

Scenarios

Review scenarios

  • An internal reviewer needs one collection but not the full source set.
  • Outside counsel needs a limited result set without access to the main workspace.
  • A team lead can share a result, but a general reviewer cannot export or forward it.
  • A record opened from a collection should not expose unrelated thread content.
01

What scoped access needs to cover

Access needs to stay clear at every layer of the workflow. Teams need to control who can open the original record, who can work from a narrower collection, who can share outside the team, and what keeps one approved result from opening the rest of the workspace.

That matters most when records include sensitive messages, attachments, calendar items, or captured pages. Polytrace is designed to keep exposure limited at the source, view, share, and download level so each person sees only what the role requires.

02

How Polytrace scopes access

Polytrace applies access at more than one layer. Teams can limit access by organization, role, source, workflow, and shared output. Access can stay narrow even when people are collaborating on the same matter, because a reviewer does not need every source and every thread to do useful work.

Context matters too. When someone opens a record from a collection or a shared result, Polytrace can keep the surrounding thread preview limited to that context instead of exposing unrelated items. Shared outputs are also kept on a separate read surface, which helps reduce accidental spillover from the main workspace.

03

Why that matters in day-to-day use

Least privilege only works when it fits the actual workflow. Legal reviewers, compliance analysts, investigators, and outside advisers often need different slices of the same record set. Polytrace helps teams give each group the access they need without opening the full record universe to everyone involved.

That is useful during matter review, archive imports, targeted investigations, and downstream sharing. Teams can keep the main workspace tighter while still moving work forward.

04

Checks worth doing in a live review

A live review should confirm who can see each source, who can view a collection or shared result, how downloads are limited, what an outside viewer can reach, and what evidence exists when someone asks who had access.

Related pages

Go deeper from here

Use the closest product, workflow, or security page to continue the evaluation.

Security overview

Start with the full security overview if your team needs a broader trust and governance picture.

Open page

Access controls, redaction, and audit

See how access limits, redaction, and review history stay connected inside day-to-day workflows.

Open page

Shared link security

See how Polytrace protects external shares with passwords, expiry dates, and access logs.

Open page

SSO and MFA

Review sign-in controls, MFA enforcement, and identity-related audit history.

Open page

FAQ

Common questions

How does Polytrace support least-privilege access?

Polytrace helps teams restrict access to the minimum needed across sources, collections, shared results, and downloads. The goal is to keep useful work moving without exposing full record sets to every participant.

Does a collection expose everything in the underlying thread?

No. Polytrace can keep thread previews limited to the active view context, which helps reduce accidental exposure to related but out-of-scope items.

Can external sharing be more limited than internal access?

Yes. Teams can keep internal review access broader while giving outside viewers a narrower shared result with its own controls.

What should a reviewer test first?

The fastest test is usually one internal reviewer and one external viewer. Confirm what each person can open, what they can download, and whether they can move beyond the specific view they were meant to see.

Next step

Walk through a real access model

The fastest review is a live walkthrough of one source, one collection, one shared result, and the people allowed to open each.

Book demo See pricing