About Entity Level Security

In order to access services within Aptify, users must have permissions granted to the entities that define those services. These permissions determine whether the user can create new records or read, update, and delete existing records. Permissions at the entity level also determine whether users have the ability to merge records within that service, or to view or update data through the use of the Object Viewer.

The Entity Level Permissions are cumulative and least restrictive so a user that is a member of two groups has the privileges of both groups. For example, if a user is a member of one group that has merging privileges for an entity and also is a member of a second group that does not, then the user has merging privileges for the entity. If a user can use the Object Viewer to display entity records, then the user has both merging and Object Viewer privileges for the entity. See Administering User Groups for more information.

You can review an entity's security settings by running one of the security reports available from the Report wizard within an Entities view. The Application service also includes a security report.

Only system administrators should have the ability to modify entity group and user permissions, as incorrectly applied security configurations could result in unauthorized users accessing restricted information.

Each entity needs to have permissions granted for any user or group of users other than the administrator to access the entity in some capacity. 

Important Note Concerning Entity Security

Aptify ships with a default set of permissions for each entity that is considered to be a starting point in the implementation process. Since every client implementation adopts a different security model specific to the user and group structure of each organization, it is important to apply this security model to the standard Aptify system. 

Rather than making assumptions regarding the appropriate security configuration in the installation process, Aptify believes that security should be examined during the implementation process, and entity security settings should be modified as necessary. Note that modifying the security attributes for existing entities does not violate any software warranty.

Contact an Aptify consultant for more information about how to design and implement a security model for your organization.

Was this article helpful?
0 out of 0 found this helpful



Please sign in to leave a comment.