General Topics > Helpline

EPIC Security


Tom Fisher:
I don't have an easy way to test this out - and I think I know the answer - but wanted to ask.

If you give a non-admin user the rights to the security area in Epic - can they then make themselves an admin?

Jeff Golas:
From a 10,000 foot view most likely, although I think Epic's permissions can be more granular than that. Are you trying to give someone like a password reset role?

Tom Fisher:
Basically agency wants a power user to have access to everything except accounting.  but if they have access to security - it seems pointless if they can then just grant themselves access to accounting... or reset the accountants password... or create a new user with access to accounting ... etc.

Jeff Golas:
Yeah if they'll have the ability to create a user or reset a password, thats pretty much god mode. A couple ways around that are I think you may be able to have a user mostly do all that except for create users and reset passwords, OR limit them by Agency/Branch.

They would not have the ability to change themselves to an enterprise admin. Since they would be logged in as themselves it would advise the user cannot be edited because the user is currently logged into the system. However, they could still make changes to security as you indicated. Unless this person will actually be making security changes for others, I can't imagine why they would even need access to security.


[0] Message Index

Go to full version