Setting up users and granting security to those users in the Private Cloud environment has several dimension. There are settings that can only be done by the Private Cloud Administrator and other settings that are the responsibility of the end user and are not done though the back end.
There are two ways to manage the permissions of a user in the Private Cloud. These are Group permissions and Individual Permissions.
Group Permissions –
Group permissions are a way to simplify the granting of rights in larger organizations. A user group is created with a set of permissions (example A/P Clerk, Data Entry, Administrators etc). Users are then assigned to this group. Any user assigned to this group will have all the permissions associated with that group. It is possible for users to be assigned to multiple groups. If they are they will have the collective permissions of ALL the groups they are assigned.
Individual Permissions-
In addition to or in place of group permissions rights can be granted on the individual level as well. This means taking a specific user ID and granting permissions. If a user is not a member of a group then permissions will have to be granted on an individual level.
If a user is a member of a group you can still grant rights on an individual level and vice versa. In those conditions the user will have the collective rights of the group and the individual. If you make a user a member of a group and then go to them as an individual and remove rights that the group has they will still have all the permissions granted through the group.
Groups in Private Cloud-
Private Cloud Users can have any number of users groups and these can be called whatever the organization wants. Groups can only be added in the back end by a Private Cloud Tech (there is a form to fax in). Once groups are created users can be assigned to one or more groups. The assignment of a user is also a task that has to be done on the back end by a Private Cloud Tech as is removing and/or changing user group assignments (there is a form to fax in).
While creating and adding a group is a back end process, determining and assigning rights to the group is the responsibility of the organization. The organization can access these groups in the Admin Module and decide what rights are assigned to the group. Any changes to the rights in the group are done by the organization as well. The Private Cloud Team does not have access to the security menus within an organization database and cannot log in and make changes.
Individuals in the Private Cloud-
While the private cloud team will add a user and assign them to a group they cannot grant individual rights to that user in Administration. The Private Cloud Team does not have access to the security menus within and organization and cannot make changes to individual security.
Adding Security-
When an organization set up on the Private Cloud they can establish any number of user groups they desire and call them anything. Users can be assigned to any and all groups. While this is done on the back end it is important to remember that just having a group established and a user assigned to it DOES NOT automatically grant access of any kind. The organization MUST set up security on the groups if they are to function.
For Example an organization might have a group called “Accounting”. While it might be intuitive that if a person was a member of the Accounting group they could run reports but when they log in they discover they can’t. This is because the organization has not assigned rights to the group called “Accounting” and until this is done (Admin>Security>Setup Organization Menus) being a member of the “Accounting” group doesn’t mean anything. After permissions are defined for the user group “Accounting” all members of that group will have them.
If you have a situation where two users are both members of the same group and one has more rights than the other, it is because in addition to adding that user to the group additional rights have been assigned on a user level. Again assigning rights on a user level is something that is done by the end user, not settings on the back end.
Executive View-
Executive view is a licensed seat that allows additional users to log into the system, but be limited to reporting rights only. What makes a user executive view or not is if the Executive View box is checked on the Admin>Security>Maintain Users. While the organization might create a user group called “Executive View” and have a user assigned to that it does not make that user an Executive View User. To make a user an Executive View user go to the Maintain Users Screen and check the box. Checking the executive view user box will override other security settings and remove the ability to create and modify transactions that the user would have otherwise had. This setting is done by the organization and not the Private Cloud Tech.

Required Tags:

Article Type: 
Product Info
Product Line: 
Abila MIP Fund Accounting
Product Module/Feature: 
Sage Payment Solutions

Average: 4 (1 vote)