Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Anchor
top
top

Excerpt
hiddentrue

Learn to work with Security Management

...

Security management is the center from which an organization controls access to system modules and features and ensures the implementation of its business rules.

Note

Access to customer data is handled through Network Management.

...

  • Sections on the Left menu
  • 'New' subscriptions button in the Data Entry page 
  • Accounts receivable report 
  • Option to create WEB APIs. 

 

Image RemovedImage Added

Back to top

Security profile fields

...

Main Information

Name

Alternative Code

Number of Active Users that use the specific profile (read-only).

Inherited Security Profiles

Security profiles can inherit existing configurations to speed up the setup process.   Inherited profiles are ideal for setting additional restrictions, as their configuration overrides those of a new profile.

E.g.: The security profile of management team leaders restricts access to module configuration.  If the finance team leaders inherit their profile from the management, access to module configuration will be restricted despite being granted in the finance team leaders profile definition.

Menu Access

Select menu options (left-hand side checkbox) and use 'Allow' or 'Deny' access

Main Menu: If access to a 'Parent' menu option is denied (e.g., Billing > Additive Discounts), the restriction is also applied the 'Child' menu options (e.g., Billing > Additive Discounts > Manage Ad Hoc Discounts). The child menu option will not be available.

Shortcuts Menu

Module Access

Define the features from each module that should be restricted to each security profile.


Modules can be filtered by application area by using the list filter ().


 Application Area List filterImage RemovedImage Added

Select a module to load its security settings and use Allow and Deny access. The Actions menu button is greyed out for 'Denied' processes.

  • Common Processes: Accessing (viewing) the Data Entry page, Creating New, Editing, and Deleting.
  • Additional Processes: Actions available in the Manage Module page Actions menu or Action Panel and common processes and actions of all configuration modules of the specific entity.
  • Custom Processes that are not included as standard in the software release and have been explicitly implemented for an organization.
  • WEB APIs
  • Reports
  • Printouts
  • Interfaces that are not included as standard in the software release and are available if requested by an organization under 'Pentaho Exports' or 'Imports' in the Utilities module.
  • Dashboards  

...

  • Control the modification of shared records (e.g., create Group Collaboration Profiles to share data between the London and Manchester group, but only let Manchester users modify records created by London users).
  • Control the visibility of private records (e.g., setup Conditional Security Restrictions and restrict the visibility of high privacy contact addresses and telephones to call center agents). 
  • Assign new records to particular users or departments according to the privacy level of each record (e.g., setup Automatic Collaboration Rules and assign new high privacy level activities to the manager).

Image RemovedImage Added

Privacy level and privacy level group fields

...

Privacy Level Assignment Rules (PLARs) are used to automatically apply privacy levels when creating or modifying a record, based on a set of conditions set in the PLAR.  PLARs can also be applied to Web API calls.   

Image RemovedImage Added

Privacy level assignment rule fields 

...

Note

The automatic assignment of ACRS can be based on the geographical area of the contact or as defined by the setup rule.

Automatic Collaboration RuleImage RemovedImage Added

Automatic collaboration rule fields

...

 Restrictions

 

Type

Visible
Entity will be visible 

Editable
Entity will be available for editing

Mandatory
Entity cannot be saved if not defined 
Fields
Processes
Printouts

 

 Conditional Security RestrictionImage RemovedImage Added

Conditional security restriction fields

...

Refer to Viewing Audit Trail for information on how audit trail settings are applied and displayed in updated records.Image Removed

Audit trail fields

...

Secret keys are registered to specific URL endpoints and are used by Webhooks to generate a code that will be used by third-party systems to authenticate received data. Image Removed

Secret keys fields

...

Security profiles are assigned to users through the manage users Data Entry page. The security profile is created and added to a user to define their security level. 
Image Removed

Anchor
vAudit
vAudit
Viewing the audit trail

...

  1. Navigate to the Data Entry page of an audit trail enabled record.
  2. Click on the AUDIT LOG button located at the top-right corner of the page.
    AUDIT LOG BUTTONImage Removed Image Added 
  3. The Audit Log modal will open providing information on the modified fields and their changes.AUDIT LOG CHANGESImage Removed
    Image Added 

Back to top 

Anchor
aCSR
aCSR
Applying conditional security restrictions

...

Panel
nameblue
titleAudit Trail settings

Scenario 3

Company ZX wants to monitor all address changes.


Solution

Configuration 

Audit Trail

Create an 'Active' audit trail record with the following settings:

  • Entity: Contact Information
  • Fields: 
    • Contact Information Addresses
    • Contact Information Addresses/Area
    • Contact Information Addresses/Country
    • Contact Information Addresses/District
    • Contact Information Addresses/Municipality
    • Contact Information Addresses/Postal Code
    • Contact Information Addresses/State
    • Contact Information Addresses/Street Name
    • Contact Information Addresses/Street Number
    • Contact Information Addresses/Town
  • Contact Information Addresses/Type
Note
titleNotes

...