Security Overview

Documentation HomeDownload as PDFSee also: Workbench Setup Guide

This module looks at User Security within Workbench.

 

OVERVIEW

There are six main levels of control over system security:

User Database Security
The Network login of a user must be set up under their People record in Workbench before that user can access the software. This gives them the software rights as per their Windows login (Windows authentication)

Where Windows Authentication is not appropriate SQL Authentication can be used. This requires a program copy per user, as they are individually linked so that the identity of the person is defined against their transactions.

Control Parameters
These are System wide settings maintained in Control Parameter Maintenance, which determine the way aspects of Workbench operate for all Users.

Menu Security Group
Every User is allocated to a Menu Security Group that is appropriate for their role within the organisation. The Security Group determines which menus can be accessed. A User may have only one Menu Security Group.

Admin Security Group
Each User can belong to one or more Admin Security Groups. These Admin Security Groups define the Admin Functions that you wish to make available to the User.

Admin Functions set various levels of Security in their own right, and generally control how individual screens may perform. They are specific to Users in the Admin Security Group, not system wide.

The control is the cumulative effect of all the Admin Functions in the Admin Security Group(s) attached to the User.

Reports Security Group
Each User can belong to one or more Report Security Groups. Report Security groups define which reports are available for the logged in User to run in the various reporting screens.

The Control is the cumulative effect of all the Admin Functions in the Admin Security Group(s) attached to the User.

Profit Centre Groups
All Jobs belong to a Profit Centre.
A Profit Centre belongs to one or more Profit Groups.
One or more Profit Centre Groups can be allocated to a User.

The User is the restricted to seeing / entering data only to those Jobs which are Profit Centres which form part of their Profit Centre Groups.

For Example:
Job Managers may be allowed to view their own Profit Centre but only Admin Staff may be required to view many Profit Centres.

  • This would mean tat there would be a Profit Centre Group with one Profit Centre in it, and the Job Manager would belong to that Group.
  • There would be a Profit Centre Group comprising many Profit Centres, and the Admin Staff would belong to this group.

The functionality allowed within a Profit centre is also controllable at a data type level. To get a view of the Security profile attached to a specific User, Use the "Who Am I?" option in the Help menu to display this profile.