Most of the security and access permission settings are located in the bottom half the user profile.
For purposes of this training, we built a demo employee profile that labels common security fields and what they control. Your system may not have these labels, but pay particular attention to the fields, and the security implications.
The four areas as labeled are:
|Data View Permissions||NOTE: Remember the basic premise of data view permissions - does the user own, or not own the data in question?|
||Corporate users have the ability to view all data in the system, regardless of ownership. They can specify that they would like to view data owned only by themselves, data owned by others, or a combination of both. Sysadmins and managers should have this option selected.|
|Team||As defined by the SysAdmin.
|The team designation lets a user see data owned by other members of their team, but not those who don't belong to it. This allows small groups of users to share data with each other, while restricting access to higher level data they don't need to view or manage.|
|Available Layout Groups||As defined by Sysadmin||The concepts of Layouts and Layout Groups will be explored in the next section of this guide, but briefly, they control the physical contents, or "layout" of all of the various record objects. Which fields are contained in a record, and their physical orientation are defined by the object type's layout.
This option determines which layout group(s) the user can select when doing their work.
|Site Access Permissions||Site Access permissions control which tabs the user will see in the LMP, their ability to modify data or make changes to the system.|
||This option locks or unlocks the user's ability to use the Billing, Page Permission, Layout Group, Employees, and Fields and Labels tools in the Admin tab. Even if the user's Page Permission settings would normally allow them to use these tools, if this option isn't checked they will not have access to them.|
|Page Permission||As defined by the Sysadmin.
This setting controls the level of access each individual user has to various site areas. If a user needs access to a specific object tab, and the ability to edit those objects, their Page Permission assignments control that.