Restrict Support team to only access the process instance and not the Process model object itself

Question

What security settings should be given to restrict support users to access only the process instance but should not have any access to the main object itself ?

Stefan Helzle · Answer

Does this answer your questions: 
 docs.appian.com/.../process-model-object.html

Mathieu Drouin · Answer

I would assume Designers + Viewers group on the Process Model itself for the ability to view Process Instances. 
 Removing them from Process Model Creators should remove the ability to create new Processes.