For two types of security groups you can specify specific limitations in order to narrow the authorizations for the members of these groups:
- "Machine specific security group"
- "Shared-with-xxx" security groups (one group for each trusted company)
To define specific security settings, go to the page Security in the web administration application. Click the three bullets on the right side of the screen and choose "Show policies" from the drop-down menu.
Per type of data (collateral, specification, and so on) you can set specific rules. Note that what you can select in the column "specifics" depends on whether or not you select a specific machine in the first column.
Here is an example of settings that let you view all documents for all machines but limit respectively the view and editing for two particular documents on a specific machine:
Keep in mind that the end result of what a person can or cannot see or do is the outcome of the combined settings of the groups of which the person is a member. More details on the rules that apply can be found here.