Security Roles - Role-Based Security
The security is based on individual roles within the organization. Rather than looking at security from a concept of what people can or cannot do, this focuses on groupings of similar tasks. This method allows an organization to establish a structure of security long before it has been decided who would perform those duties.
The application of security to each user is facilitated by security roles. Modifications to the security structure that can be grouped and named individually and then applied to users in layers. One role might provide access to some CDD folders that the user will run reports from. Another role might control how much financial information they can see in BusinessPlus at any given time. How the roles are created and managed is perhaps the most important and potentially time-consuming part of setting up the security in BusinessPlus.
An important aspect of the security roles is the concept of "derived" permissions. This means that, unless otherwise specified, a security object will inherit its security from the security object above it in the security structure. If that is not specified, it will continue to ripple up the hierarchy until it either finds some explicit security or no access at all. In this way, security does not need to be applied to every single object in the security structure but can be granted for all nodes under a parent security object. However, as soon as a security object has its derived setting removed it will no longer be impacted by the object above it.
Once the user has a solid understanding of role-based security and has developed a plan for their organization the next step is to begin creating the initial security roles based on that plan.
See Security Roles Setup for more information.