| Anchor | ||||
|---|---|---|---|---|
|
| Excerpt | ||
|---|---|---|
| ||
Learn to work with Security Management |
...
Security management is the center from which an organization controls access to system modules and features and ensures the implementation of its business rules.
| Note |
|---|
Access to customer data is handled through Network Management. |
...
- Sections on the Left menu
- 'New' subscriptions button in the Data Entry page
- Accounts receivable report
- Option to create WEB APIs.
Security profile fields
...
| Main Information | |
|---|---|
Name Alternative Code Number of Active Users that use the specific profile (read-only). | |
| Inherited Security Profiles | |
Security profiles can inherit existing configurations to speed up the setup process. Inherited profiles are ideal for setting additional restrictions, as their configuration overrides those of a new profile. E.g.: The security profile of management team leaders restricts access to module configuration. If the finance team leaders inherit their profile from the management, access to module configuration will be restricted despite being granted in the finance team leaders profile definition. | |
Menu Access Select menu options (left-hand side checkbox) and use 'Allow' or 'Deny' access | |
Main Menu: If access to a 'Parent' menu option is denied (e.g., Billing > Additive Discounts), the restriction is also applied the 'Child' menu options (e.g., Billing > Additive Discounts > Manage Ad Hoc Discounts). The child menu option will not be available. Shortcuts Menu | |
| Module Access | |
Define the features from each module that should be restricted to each security profile. Modules can be filtered by application area by using the list filter (). Select a module to load its security settings and use Allow and Deny access. The Actions menu button is greyed out for 'Denied' processes.
|
...
- Control the modification of shared records (e.g., create Group Collaboration Profiles to share data between the London and Manchester group, but only let Manchester users modify records created by London users).
- Control the visibility of private records (e.g., setup Conditional Security Restrictions and restrict the visibility of high privacy contact addresses and telephones to call center agents).
- Assign new records to particular users or departments according to the privacy level of each record (e.g., setup Automatic Collaboration Rules and assign new high privacy level activities to the manager).
Privacy level and privacy level group fields
...
Privacy Level Assignment Rules (PLARs) are used to automatically apply privacy levels when creating or modifying a record, based on a set of conditions set in the PLAR. PLARs can also be applied to Web API calls.
Privacy level assignment rule fields
...
| Note |
|---|
The automatic assignment of ACRS can be based on the geographical area of the contact or as defined by the setup rule. |
Automatic collaboration rule fields
...
| Restrictions | |||
|---|---|---|---|
Type | Visible Entity will be visible | Editable | Mandatory Entity cannot be saved if not defined |
| Fields | |||
| Processes | |||
| Printouts | |||
Conditional security restriction fields
...
Audit trail settings define the rules for monitoring modifications and accessing on system records either through the UI or the WEB API.
Entities and fields to be monitored are selected through audit trail settings. Only one 'Active' instance of audit trail settings can be configured for each entity. Settings are applied to predefined CRM.COM entities, through the UI or Web API, while modifying, deleting or removing information.
...
The logging of audit trail can be applied to a block of information or to block components. For example, the complete address block or specific components of the address (such as Address/District) can be monitored. When an address block is monitored, an entry is added to the audit trail every time the address is modified, added or deleted. When the district is monitored, an entry will be added when the district of an already defined address is updated.
Refer to Viewing Audit Trail for information on Additionally searching contacted in the system can be logged through audit trail logs available in summary pages.
Refer to Viewing Audit Trail for information on how audit trail settings are applied and displayed in updated records.
Audit trail fields
...
| Main Information | |
|---|---|
The Entity to which the audit trail will be applied. State of the audit trail settings instance, which can be 'Active' or 'Inactive'. The can only be one 'Active' instance per entity. Log Accessing and Retrieving defines whether the access or retrieve (search) of the data will be logged as well. | |
| Monitored Fields | |
A list of all fields related to the selected entity that can be monitored and which can be activated or deactivated individually or all at once. At least one field should be activated in an 'Active' audit trail setting. |
...
Secret keys are registered to specific URL endpoints and are used by Webhooks to generate a code that will be used by third-party systems to authenticate received data.
Secret keys fields
...
Security profiles are assigned to users through the manage users Data Entry page. The security profile is created and added to a user to define their security level.
| Anchor | ||||
|---|---|---|---|---|
|
...
The audit trail identifies changes on system records by providing information on modified values and the user that effected the change . Once audit trailed entities are established, it is or accessing of such records as well as accessing of the records either through the UI or the WEB API
Once audit trailed entities are established, it is possible to monitor their changes directly from their Data Entry page.
- Navigate to the Data Entry page of an audit trail enabled record.
- Click on the AUDIT LOG button located at the top-right corner of the page.
The Audit Log modal will open providing information on the modified fields and their changes.
...
Conditional security restrictions (CSRs) are Additionally Audit Trail logs associated to searching contacted in the system is available through the action 'Audit Log' available in Summary pages. If the audit trail is accessed then a list of all the searches taking place along with the criteria used is available.
| Anchor | ||||
|---|---|---|---|---|
|
...
Conditional security restrictions (CSRs) are automatically applied if their conditions are met. CSR examples:
...
| Note |
|---|
|
Reports
...
Audit Trail information can be extracted in a structured format for analysis by using reports. The audit trail included in the report are selected and grouped based on user-defined criteria. The user can select the fields displayed in the report.
Refer to Reports for more information.
Audit Log per Contact Report
The report displays a list of the audit trail logs of a specific Contact Information and its related entities (Accounts Receivable and Rewards Participant)
Audit Log per User Report
The report displays a list of the audit trail logs that were performed by a specific user and are related to Contact Information and its related entities (Accounts Receivable and Rewards Participant)
Security Management Business Examples
...
| Panel | ||||
|---|---|---|---|---|
| ||||
Scenario 3 Company ZX wants to monitor all address changes. Solution Configuration Audit Trail Create an 'Active' audit trail record with the following settings:
|
| Note | ||
|---|---|---|
| ||
|
...