For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Logo
DeveloperAcademyCommunityStatus
  • Getting Started
    • Welcome to Moveworks
    • Roadmap & Release Notes
    • Moveworks Best Practices
    • Labs
    • Professional Services
    • Support
  • AI Assistant
    • AI Assistant Overview
    • Capabilities
    • Web Experiences
    • Analytics & Performance
      • Configure Analytics and Data
      • AI Assistant Insights
      • Customer Satisfaction Survey (CSAT)
      • Data API
      • Submitting an Analytic Data Request
      • Analytics Support Guide
      • Custom Views & Data governance — “How to?” Guide
      • Governing interactions - Best practices
      • Enterprise search insights
  • Enterprise Search
    • Overview
    • Agentic RAG Overview
    • Content Ingestion Platform
    • Profile Boosting
    • Retrieval
    • Permissions Platform
    • Built-in Content Connectors
    • Build your own Content Connectors
    • Configure Search
    • Configure Enterprise Search
    • Vetted Content
    • Writing AI-Ready KB Articles
    • Document Chunking and Snippetization Overview
  • Productivity Boost
    • Overview
    • Configure Productivity Boost
    • Quick GPT
    • Calendar Management
    • Brief Me
DeveloperAcademyCommunityStatus
On this page
  • Determine who should have access to all user interactions.
  • Create and share custom views, instead of all data products
  • Follow the principle of least privilege (PoLP)
  • Keep permissions in check
AI AssistantAnalytics & Performance

Governing interactions - Best practices

||View as Markdown|
Was this page helpful?
Edit this page
Previous

Enterprise search insights

Next
Built with

Checkout the academy course on Governance : HERE

Determine who should have access to all user interactions.

The Interactions table contains all user conversations, which may include sensitive and private information (A user might share their social security number, or ask specific about the doc that only a few people own). Because of this, broad ownership of Interactions is not recommended. Customers must follow the principle of least privileges and the first step is to determine who at their org needs access to all user interactions to get their job done.

Only the people who absolutely require all user conversations , should be given the “Interactions viewer” role. This role can only be given / revoked by Super admins.

Create and share custom views, instead of all data products

If at your org, there are employees who need not have access to the entire table, but partial data. _(Example : Interactions for a specific domain like IT, HR, Finance, or Interactions for specific topic, or interactions for specific plugins), we recommend to create custom views of the dashboards. Custom views are filtered versions of reports that can be saved and shared with users.

For example : You can create a custom view for IT interactions and share it only with IT admins. You might also create a custom view of user interactions belonging to a specific plugin and share it with your Agent studio developer, so that they can identify improvement areas for their plugins.

Follow the principle of least privilege (PoLP)

The principle of least privilege (PoLP) is an information security concept which maintains that a user or entity should only have access to the specific data, resources and applications needed to complete a required task.

Example :

If an analyst needs to report on plugin usage and adoption, they need not require the overall interactions table access, only a custom view of interactions table, that only contains the interaction ID and plugin name. By using these two data columns they shall be able to achieve their job, and hence must only be given access to a custom view built on top of Interactions table containing only these two columns.

If a Knowledge worker only needs to report on best and worst performing content items, they must not be given access to entire Interactions table. Their job can be achieve by two data columns : “Resource name” and “Interaction ID”, using these two data columns they can report on top and worst performing content items and hence must be shared a custom view containing only these two columns, instead of sharing entire Interactions table.

Keep permissions in check

We recommend regularly reviewing shared custom views and revoking access for users who no longer require them. As new conversations accumulate over time, outdated access can unintentionally expose future user interactions. Keeping permissions up to date ensures that only the right people can view sensitive data.