I am trying to work around a user type availability issue within my organization and wondering if anyone has any suggestions. I am trying to create an application that can be accessed on our internal company web page that will show the scheduled field locations for our field staff that is updated on a weekly basis. As this contains sensitive information about our clients and when our staff will be on site, it cannot be accessed by the general public. However, we currently do not run on an enterprise system and have very limited user logins, so creating a private organization group won't work unfortunately.
After reading through this document, I was wondering if anyone has solved this issue by disabling Anonymous Access? If the Web App is hosted on an internal web page that cannot be access from outside our network, would this prevent the general public from being able to search up the application and feature layers in it? I was thinking of creating a bunch of public accounts for our field staff so that they could be invited to a group that could view the application, but need to confirm that any public group will not pose a security risk to us.
Any thoughts or suggestions on this conundrum would be highly appreciated!
In order to have the application shared to your internal site, it needs to be publicly available. Disabling 'anonymous access' doesn't hide publicly available content (as far as I know), and if someone was determined they could search ArcGIS Online as a whole and find it.