Can we get an update on this? Echoing the years of concern in this string, this is a gaping security hole that prevents the effective use of Asana for basic process control. If you can’t have basic permission controls over tasks in the ways laid out by the many users here, then because tasks (or years worth of projects and files) CAN be deleted, at some point they WILL be deleted, either accidentally or intentionally. The comment-only features are helpful, but do nothing to close the security hole for anyone who is not only a comment-only contributor.
It makes using Asana more like an interesting (and beautiful!) app, but when it comes to data security not a serious industry-standard contender like a Salesforce or a number of ERP solutions. If I were a developer for asana, I’d want to be better than that. But maybe we should just accept that they aren’t (yes, that is a challenge).
I’ll continue to use it for now as I LOVE the interface. But at some point, assuming we continue to grow, switching will be inevitable if we want real data security for all our projects and processes.