Understanding the hierarchy of Viewpoint Vista Security can be a little challenging at times. Partly because there are many different ways to manage the securtity of programs, reports, attachments, queries, and data within Vista. It can make it easy to inadvertantly give a user more access than intended.
Mistakes that can be made when setting up security access include:
- Selecting "Global" or "Across All Companies" in the Companies box will give the User or Group access to ALL companies within the database unless you use Company Data Security to assign company access to each employee.
- Selecting "All" in the Modules box can inadvertantly give the selected User or Group access to ALL modules.
- Selecting "All" in the Groups or User box can inadvertantly give ALL of the Groups or Employees rights to the selected Companies and Modules.
Be careful and alert when making these selections.
Assigning users to multiple security groups that contain the same forms, reports, or attachments can cause conflicts.
The least restricted setting is a security group with global level security, the next restrictive is a security group with company level security, then a user with global level security, and finally the most restrictive is a user with company level security. If you assign multiple groups, the most restrictive will override the least restrictive. However, when there are two conflicting groups at the same level, it will defer to the lease restricted group.
The easiest way to deny a user access is to not assign them to a group with access. Access of "3-None" only means that it will look to the next level to determine access. If every level has "3-None" then they do not have access, but if just one assigned group has "0-Full" access, then the user has access.
While it is not the preferred strategy, there is the option to deny the user at their user level. To do this, select "User" for the "Select By" parameter, select the user from the list, click the "Grouping" box, and then "Refresh Grid". From there you can select "2-Denied" in the "Access" column for any form, report, attachment or inquiry.
There are several reports in
Viewpoint Administration > Reports that will help you to review user and group access. This is be most effective way to audit your users' access.
If you would like assistance with Vista Security Access setup and/or review, please use our
"Email Support" option or click on the
"Book A Call" button and schedule an appointment with one of our consultants.