Even though security is very flexible in GP, we are finding it very challenging to maintain without exposing users to unwanted access. Keeping internal controls and segration of duties as a forethought, does anyone have any best practices, tips, etc. on how to effectively manage GP security?
*This post is locked for comments
Thanks to everyone for the input. All of the roles I'm using are custom and fairly specific, but I haven't customized many tasks, with the exception of some for smartlist access. I'll look into the Fastpath solution.
I'm a big fan of creating custom Security Roles and Security Tasks, copying the standard Security Roles and Security Tasks before making changes. This will ensure that your custom changes are not altered during future updates (in the event a role-down occurs, overwriting changes). Maintaining these for future releases does require some additional work as new features need to be added to the custom security model created.
Microsoft offers basic level, standard role based security which I agree to an extent does not meet clients need due to having one person doing more than two tasks/role in real life (due to size of company/volume/affordability etc)
In such case, you can tailor the role and assign those task to the role. Then you assign the tailored role to the user in line with your segregation of duties norms
Hope this helps to meet your need
Regards
Hi Susan,
I agree that it can be difficult to manage. I use a segregation of duty matrix in Excel and group the users into roles. I then manage all my security at the role level. The initial setup is pretty time consuming, but managing it as users are added or deleted is easier. You may also want to look at FastPath as an alternative. http://www.gofastpath.com/
#1
Almas Mahfooz
3
User Group Leader
Share
Report
All responses (
Answers (
