You've been there: logging into your HubSpot portal on Monday morning to discover an ecosystem of unfamiliar apps that definitely weren't there on Friday. It's digital trespassing at its finest—someone's been in your portal, rearranging the furniture without leaving a note.
Until now, HubSpot's permission structure has operated on a surprisingly simplistic principle: trust completely or not at all. This binary approach created unnecessary risk and bottlenecks across organisations of all sizes.
The reality of modern marketing, sales, and service teams is far more complex than "can edit" or "can't edit." Team members need varying levels of access to different functions, and the previous all-or-nothing approach forced admins to make uncomfortable compromises.
HubSpot's new permission structure introduces surgical precision to what was previously a blunt instrument. Let's examine what's changed and why it matters:
Previously, the ability to install apps automatically came with the power to remove them—a classic example of HubSpot's binary thinking. The new permissions wisely separate these actions:
This separation prevents the all-too-common scenario where someone installs a promising new tool, decides it's not useful after minimal testing, and removes it—not realizing it had become critical to another team's workflow in the meantime.
The previous approach to sequences was particularly problematic for sales teams. Creating effective email sequences requires significant testing and refinement, yet anyone with sequence permissions could alter or delete anyone else's work.
The new controls include:
This change means your carefully crafted nurture sequences won't vanish because someone decided to "clean up" the portal during a slow afternoon.
The merge function—perhaps the most potentially destructive capability in HubSpot—is finally getting the respect it deserves with dedicated permissions. Previously bundled with edit rights, merge capabilities now stand alone for:
This separation acknowledges that merging records is fundamentally different from editing them. It's the difference between updating someone's phone number and deciding that two people are actually the same person.
The ability to create new records is now distinct from editing existing ones—a subtle but significant change for data governance. This separation allows team members to maintain data quality without contributing to database bloat.
For example, customer service representatives can update contact information during support interactions without creating duplicate records when they can't immediately find what they're looking for.
The product library—often containing sensitive pricing and product details—now has its own permission structure. Admins can control:
For organizations with complex pricing structures or confidential product information, this update ensures that your product data remains consistent and accurate.
While preventing digital disasters is compelling, the strategic benefits extend far beyond mere damage control.
The most significant advantage is the ability to distribute responsibilities across your team without the nagging worry that someone will accidentally break something important. This confidence enables:
Granular permissions allow HubSpot access to mirror your actual organisational structure rather than forcing artificial limitations based on technical constraints. This alignment means:
As organisations grow, maintaining control over the HubSpot environment becomes increasingly challenging. Granular permissions provide a framework for sustainable governance that can evolve with your team.
Before diving into your permission settings, consider these strategic approaches:
Begin by understanding how your team actually uses HubSpot:
This baseline understanding will help you identify where tighter controls are needed and where additional access might improve efficiency.
Rather than addressing permissions individually, develop standardised permission profiles for common roles:
These profiles serve as templates that can be applied consistently as your team evolves.
Consider a measured rollout of the new permission structure:
This approach minimises disruption while maximising adoption.
To illustrate how these new permissions translate to everyday situations, consider these scenarios:
Challenge: Your marketing specialist needs to manage campaigns and update contact information but shouldn't create new database objects independently.
Solution: Grant them:
This permission set allows them to maintain data quality without contributing to database sprawl.
Challenge: Your SDR needs to work with sequences and update prospect information but shouldn't alter established sales processes.
Solution: Provide them with:
This approach empowers them to execute their role while protecting critical sales infrastructure.
Challenge: You've engaged a contractor to help with a specific data cleanup project.
Solution: Configure their access with:
This focused permission set empowers them to address their specific task without introducing new risks.
For organisations with complex HubSpot implementations, consider these advanced approaches:
Combine object-specific permissions with team-based access controls to create sophisticated permission structures that reflect your organisational complexity.
Develop protocols for temporarily expanding permissions for specific projects with clear documentation and expiration dates.
Establish a cadence for reviewing and refining your permission structure to ensure it continues to meet your needs as your organisation evolves.
These updates represent significant progress, but the evolution of HubSpot's permission structure will likely continue. Looking ahead, we might anticipate:
HubSpot's new permission structure transforms what was once a source of frustration into a strategic advantage. By precisely controlling who can do what within your portal, you create an environment where team members can confidently contribute without inadvertently causing problems.
The days of mysterious app appearances, vanishing sequences, and accidentally merged contacts are finally behind us. In their place, we have a permission structure that reflects the complexity and nuance of modern business operations.
These changes don't just prevent problems—they enable a more distributed, efficient approach to managing your HubSpot portal. And that's something every admin can appreciate.