Ability LMS Help
Click here to see this page in full context

Control Access to Records

  1. Define Security Tiers

    Create security tiers to reflect logical groupings of records in your organization.  For example, you may wish to create one security tier for corporate level training and additional security tiers for the sites.

  2. Assign User Roles within Tiers

    Assign users security roles in the security tiers where those users will need to access or modify records.  For example, a system administrator would be given the administrator role in the "Database" tier, while a training administrator for a particular site would be given the administrator role only for that site's security tier.

    Since role permissions inherit across tiers, a higher tier role will automatically be given the same role in lower tiers.

  3. Step 3:  Define Security Policies

    Create security policies to control the actions users in a tier may perform upon particular records.  

  4. Step 4:  Apply Security Policies to Records

    Open individual records, and assign policies using the Record Permissions View.

 

Example:  Securing records between two sites.

  1. Create a Security Tier called "Site A".

  2. Create another Security Tier called "Site B".

  3. Assign one user the Administrator role in tier Site A.

  4. Assign a second user the Administrator role in tier Site B.

  5. Create a Security Policy called "Site A - Full Permissions", and assign full permissions of all record types to tier Site A.

  6. Create a second Security Policy called "Site B - Full Permissions", and assign full permissions of all record types to tier Site B.

  7. Create an activity called "Activity A", assign the security policy "Site A - Full Permissions" to Activity A, and remove the default policy, "Everyone - Full Permissions".

  8. Create an activity called "Activity B", assign the security policy "Site B - Full Permissions" to Activity B, and remove the default policy, "Everyone - Full Permissions".

  9. The administrator for Site A will be able to modify Activity A, but not Activity B.  Likewise, the administrator for Site B will be able to modify Activity B, but not Activity A.

Note  Access to enterprise security functionality utilizing Tiers and Policies must be enabled by a system administrator.

Related Topics: