This article provides a basic outline of what Security Permissions could look like when used across multiple security groups. This is based on what we have found to be successful, however, you should use your best judgment about what would work best within your unique organization.
- First, you will find Security Groups outlined with recommendations and common uses.
- Second, you will find Security Permissions that are commonly found setup within these groups.
Most organizations have at least two security groups, depending on how complex the organization is, you could have more.
Below you will find examples of common groups:
- Administrators (Required)
- Admin users have access to all items in the system. These would be the employees who need access to approving, overseeing, editing, and more. Most of the core implementation team will be Admin. users and remain that way after launch.
- Front Line / Front Desk (Recommended)
- Outside of Admin, this is the next most common and recommended user group. This will be for the staff who are working day-to-day with the system. They do not necessarily need editing rights to the activities and facilities, but they need to perform basic check out functions.
- Managers (Common)
- This group would have permissions similar to Admin, but would not have all-encompassing access.
- Finance (Common)
- Some organizations like to have a group for the finance department. Most likely they would only have access to reporting and closeout features. No editing rights to modules.
Depending on the complexity of your organization, you may have groups such as Superintendents, Supervisors, Office Managers, IT, etc. There is no limit to the number of groups that can be set up.
Note: Do not add users to multiple different groups. This will cause issues when the system is trying to determine what a user has access to.
Groups by Location
An additional option would be to outline security groups by location. This means that not only can you have different permissions set up for groups, they can be the same permissions, but specific to a location.
- Front Desk – North Park
- If the user is logged in at North Park, they can only perform their permissions as it relates to this location.
- Front Line – Community Center
- Same as North Park, but specific to the Community Center.
Below you will find recommendations for Security Permissions for commonly used groups.
- This is an automatic group, you are unable to adjust the settings. This group will have access to viewing and editing all aspects of the system.
- You will most likely have almost all boxes checked for this group.
- Some permissions you might not allow access to would be the Configuration tab and Security tab.
- Front Line / Front Desk
- Recommend to allow permissions for most Point of Sale items.
- You probably do not want to allow them to edit anything that has to do with activities or facilities.
- Viewing rights are typically acceptable.
- Some organizations allow Front Desk staff to perform more actions than others.
- Example: Some like to allow refunds and voids, others require managers to do that. Keep in mind your policies.
- There will not be very many boxes checked for this group.
- You will only want to allow access to items such as Reporting, Close Out and GL Configuration, Voids, the Transaction Browser.