This article provides a basic outline of what Security Permissions could look like when used across multiple access groups. This is based on what we have found to be successful, however, you should use your best judgment about what would work best within your unique organization.
Most organizations have at least two security groups (Access Groups). You may end up having more, depending on your organization's needs.
Provided below are examples of common groups:
- Administrators (Required)
- Admin users have access to all items in the system. These would be the employees who need access to approving, overseeing, editing, and more. Most of the core implementation team will be Admin users and remain that way after launch.
- Front Line / Front Desk (Recommended)
- Outside of Admin, this is the next most common and recommended user group. This will be for the staff who are working day-to-day with the system. They do not necessarily need editing rights to the activities and facilities, but they need to perform basic checkout functions.
- Finance (Common)
- Some organizations like to have a group for the finance department. Most likely they would only have access to reporting and closeout features, and no editing rights to modules.
- Managers (Common)
- This group would have permissions similar to Admin, but would not have all-encompassing access.
Depending on the complexity of your organization, you may also have groups such as Superintendents, Supervisors, Office Managers, IT, etc. There is no limit to the number of groups that can be set up.
Note: Do not add users to multiple different groups. This will cause issues when the system is trying to determine what a user has access to.
Groups by Location
An additional option is to set up access groups by location. This means that not only can you have different permissions set up for groups, they can be the same permissions, but specific to a location.
In this example, the user only has the set permissions if they are logged into the Adventure Park location.
Below you will find recommendations for Security Permissions for commonly used groups.
- This is an automatic group, you are unable to adjust the settings. This group will have access to viewing and editing all aspects of the system.
- You will most likely have almost all boxes checked for this group.
- Some permissions you might not allow access to would be the Configuration tab and Security tab.
- Front Line / Front Desk
- Recommend allowing permissions for most Point of Sale (POS) items.
- You probably do not want to allow them to edit anything that has to do with activities or facilities.
- Viewing rights are typically acceptable.
- Some organizations allow Front Desk staff to perform more actions than others.
- Example: Some like to allow refunds and voids, others require managers to do that. Keep in mind your policies.
- There will not be very many boxes checked for this group.
- You will only want to allow access to items such as Reporting, Close Out and General Ledger (GL) Configuration, Voids, and the Transaction Browser.