Security Manager problem

Started by Lance Bateman, May 18, 2011, 08:57:20 PM

Previous topic - Next topic

0 Members and 3 Guests are viewing this topic.

Lance Bateman

Okay - remember that I had nothing to do with the setups of security manager here, and apparently no one is here that was involved.

The setup is extremely convoluted, and some month when I have the time, I'll want to totally redo it.

Problem - CSRs have pretty extensive rights for activities, except to delete them.  The can't revise "closed", but they can "open".  Watching them, it appears they can re-open a closed one.  However, on any open or closed one, they aren't able to modify the description once it was already entered (and they need to related to our imaging set up).  There are no other restrictions in the CSR Group on activities.

However - it appears they are members of about 15 groups, most of which appear ridiculous, and I'm concerned there may be a problem with inheritance.

Any thoughts on how to fix this so they can modify the description line on an open or closed activity?  (Need to add an * when attaching the image).

brinkerdana

Know you were on Vision for while and there were changes to Activities where you could go back in and add information without changing the original.  However, some agencies didn't like not being able to search based on later input and blocked the ability to change them in Security.

Sounds like another "fun" project, Lance! 

As a CSR, I NEED to be able to change the description line.  For example:  CHGR  Add 2011 Chev Pickup #54321 instead of it reading "Change Request". 

Good luck!

Dana Brinkerhoff
Retired

Jeff Zylstra

My understanding was that you can change the description line until you close the activity. Is that incorrect?

Also, the newer versions of activities in 10.0 are designed to append further updates to that activity with time and date stamping.  I've always thought that all of the activity was searchable.  Now you have me worried! 
"We hang the petty thieves, and appoint the great ones to public office"  -  Aesop

Jan Regnier

We can revise the description on closed activities (OPTIONS/ACTIVITY DETAIL)- not the activity itself though - can add to it but not amend what is already there.

Security setting for us:

CANNNOT:  Delete Closed, Delete Open

CAN: Add, Print, Revise Closed, Revise Close Limited, Revise Open, Revise Open Limited, View
Jan Regnier
jan.regnier@meyersglaros.com
Meyers Glaros Group, Merrillville, IN 26 Users
EPIC 2020, Office 365, Indio

Lance Bateman

Thanks Jan.  I'll add the "revise closed" and see if that helps.  Otherwise - it's the dreaded track down inheritance problems with the multitude of wacky "groups" that were set up.

Charlie Charbonneau

Might it be easier to create new groups with your guidelines and move access over to the new groups once they are set to your liking?  I know this may be recreating the wheel, but at least you'd know who had what?
Charlie Charbonneau
GBMB Insurance
San Antonio TX.

EPIC 2022, CSR24, Windows 2012 Hyper-V & 2016, Win10/11 Pro Stations, Sophos Anti-Virus.
.                .                 ..              ...

brinkerdana

Agree with Charlie.  With the mess you're facing, it's probably just easier to start from scratch.

Dana Brinkerhoff
Retired

Lance Bateman

Jan's suggestion resolved the problem.  (Putting off the full redo as long as I can I guess - at least until after I know that "WTF May 21 cr**" is over???).  Hey, it's a good excuse?

Robin Deatherage

Hi Lance.  I know this is going to be more than you were looking for right now but one of the topics from our chapter meeting last week was about Security Manager.  When you are ready to try and tackle this project, the recommendation is to:

1. Create new groups, 2. Grant rights to each group, 3. Add existing users to the new groups, 4. Remove existing rights and groups from all users.  (No user should have individual rights, they should all be inherited from a group they are a member of. Since #4 is the only one that actually effects production you can work on the others as time permits. 

To start, it is recommended that you print out the entire tree of what's available and give it to the owner, and all dept managers and let them decide what access their people need (you probably need to have meetings with them to discuss and answer questions). 

Once they give that back to you then you can see what groups you need to create.  Which will probably be several major groups such as CSR, Producer, Accounting, Claims, etc.  These major groups should have the bulk of the permissions. 

Then you will have some minor groups which might be Night Utilities, Close Day, Download, HIPAA, Claim Reports, etc.  Each of the minor groups should have access to only the items needed to do the one specific task it is intended for.  So if you have a CSR who also runs Close Day, that CSR should be in the CSR group (where they will get the majority of their permissions) and the Close Day group.  That CSR may be the only one in the Close Day group, just depends on your agency. 

Once you are done you should save a pdf file of each groups security with a copy on the network and burn a copy to a cd kept offsite.  If you have to recreate the security manager later it will be invaluable.  Does any of this help?
Robin Deatherage, CIC
Chas. Lunsford Sons & Associates | Roanoke, VA
Applied Private Cloud Server; TAM 2014; Fax@vantage v9; Office 2010;
Applied Hosted Exchange; 3 Office Locations

Lance Bateman

Yep, Robin, have gone through all that before at another agency.  I know what steps have to be done, just really putting it off at this point as much as possible, trying to make current setup work (Jan's suggestion did resolve the question I started this one about).

If you've seen my prior postings regarding issues I walked into here, you'll know this is just one of MANY items going on a priority list.

Robin Deatherage

Quote from: Lance Bateman on May 24, 2011, 01:12:20 PM
Yep, Robin, have gone through all that before at another agency.  I know what steps have to be done, just really putting it off at this point as much as possible, trying to make current setup work (Jan's suggestion did resolve the question I started this one about).

If you've seen my prior postings regarding issues I walked into here, you'll know this is just one of MANY items going on a priority list.
;)  I should have known you were already experienced on this. 
Robin Deatherage, CIC
Chas. Lunsford Sons & Associates | Roanoke, VA
Applied Private Cloud Server; TAM 2014; Fax@vantage v9; Office 2010;
Applied Hosted Exchange; 3 Office Locations

Lance Bateman

But the reminder never hurts, Robin.  Also, put "and frustrated" next to the "experienced"???

Quote from: Robin Deatherage on May 24, 2011, 04:03:29 PM
Quote from: Lance Bateman on May 24, 2011, 01:12:20 PM
Yep, Robin, have gone through all that before at another agency.  I know what steps have to be done, just really putting it off at this point as much as possible, trying to make current setup work (Jan's suggestion did resolve the question I started this one about).

If you've seen my prior postings regarding issues I walked into here, you'll know this is just one of MANY items going on a priority list.
;)  I should have known you were already experienced on this.