Related topics

Field Level Security

Product Group Filters

Set Group Security

A security group is a collection of one or more users with the same access rights. Each security group has a name (assigned when you create the group), and each user (other than the system administrator) is a member of a group. As the system administrator, you assign access rights to the group and not to an individual user. The group a user belongs to determines the access rights of an individual user. As the system administrator, you automatically have access to all functions.

Note: The sole purpose of the security system is to restrict access to various areas within Sage HRMS. The system does not keep track of failed attempts to access system features or report on the functions accessed by users.

Security Levels

When you (as the system administrator) set up security for a group, you can establish access rights at the following levels:

The employers include all the employers you set up in your enterprise.

You assign access rights to products depending on the products you have installed and set up on your Sage HRMS system. The System is treated as a separate product to help organize tasks.

Note: You must first select N/A for the employer before you can select System as a product.

The activities you can assign access rights to include: Action, Analysis, Detail, Process, Report, and Rule. There is a different set of tasks for each activity and a different set of steps for each task.

You can also set view and update rights for groups of specific fields in an employee’s record, such as address and phone, salary, or EEO information.

Setting the Ad Hoc Reporting Security Level enables you to establish an access level for Crystal and Secure Query. This access level determines which fields in the Sage HRMS system databases are able to be accessed by the security group’s users whenever they use Crystal or Secure Query.

Add, Edit, or Delete a Group

ClosedTo Add a Group
  1. Select System > Security > Group Security.
  2. To add a group, click Add. In the New Group Name field enter the name of the group you are adding (up to 20 letters and numbers). Click OK.
  3. Click Yes to verify you are adding the group. The program builds the access rights structure for this group. The Security Group page opens.
  4. Initially a new group has no access rights. Accordingly, the page has no entries in any of the columns. The Modify button at the bottom of the Employer column is enabled, indicating you can modify access rights at the employer level. All other Modify buttons are disabled.
  5. Click Modify. The Employer Selection dialog box opens. The Allow Access column for each employer is initially set to No.
    • The Employer list also contains the N/A option. Change the access to Yes for N/A in order to access System in the Product column on the Security Group page.
  6. Double-click the employer to change the access to Yes.

    Caution! If you allow a security group to access Group Security under System Rules, users in that group can change their own security access rights. They can let their security group (and any other security group) access all features, which is the same as no security at all. We recommend limiting the access rights of all security groups to only one security feature: Change Password. The MASTER user ID has access to all Sage HRMS system features.

  7. Click OK. The system rebuilds the information on the Security Group page.
  8. Click Modify in the Product column to open the Product Selection dialog box. The Allow Access column for each product is initially set to Yes.

    9. If you have U.S. Payroll and Canadian Payroll installed and want to restrict access to either U.S. Payroll or Canadian Payroll, you must set the security in two steps. Let's say you want to restrict access so that users will only be able to access Canadian Payroll. In the Product Selection dialog box, set the Allow Access to Yes for Canadian Payroll. Then set the Allow Access to No for Payroll (which is U.S. Payroll). It is imperative that you set the access correctly for both U.S. Payroll and Canadian Payroll.

  9. Double-click the products to change the access to No.
  10. Click OK to return to the Security Group page.
  11. Select the product for which you are setting security. All activities, tasks, and steps appear in the related columns.
  12. Click Modify in the Activity column to open the Activity Selection dialog box. The Allow Access column for each activity is initially set to Yes.
  13. Double-click the activity to change the access to No.
  14. Click OK to return to the Security Group page.
  15. Select the activity for which you are setting security. The tasks and steps appear in the related columns.
  16. Click Modify in the Task column to open the Task Selection dialog box. The Allow Access column for each task is initially set to Yes.
  17. Double-click the task to change the access to No.
  18. Click OK to return to the Security Group page.

    19. If a user has a task assigned on their Scheduler, the security system does not allow you to restrict that user’s access to that task. Therefore, because the user is a member of a security group, the security system does not allow you to restrict that group’s access to that task.

  19. Select the task for which you are setting security.
  20. Click Modify in the Step column to open the Step Selection dialog box. The Allow Access column for each step is initially set to Yes.
  21. Double-click the step to change the access to No. If you selected Detail in the Activity column, double-click the steps to change access to View, Update, or None.
  22. Click OK to return to the Security Group page.
  23. Repeat steps 4 through 22 to set access rights for another employer, product, activity, task, or step.
  24. Click OK to return to the Security Groups dialog box.
ClosedTo Edit a Group
  1. Select System > Security > Group Security.
  2. Select the group with whom you want to work.
  3. Click More…. The Security Group page opens.
  4. Edit information as necessary.
  5. Click OK.
ClosedTo Delete a Group
  1. Select System > Security > Group Security.
  2. Highlight the group you want to delete and click Delete.
  3. Confirm the deletion.
  4. If there are no users in the group, the system deletes the group.
  5. If there are users in the group, the system alerts you and asks you to confirm the deletion again. If you select Yes, the group and any users within the group are deleted.
  6. If a user within the group has tasks scheduled on their Organizer, the system alerts you and does not allow you to delete the group. Click OK to display the user’s task schedule.

Notes: Before deleting the group, remove the scheduled tasks from the user’s Organizer. Delete the user or assign the user to another security group. Repeat the above procedure to delete the group.

Review the list of tasks. To print the tasks for easy reference, click Print. Click the Close button to return to the Group Security dialog box.

Published: May 17, 2017
© 2017 The Sage Group plc or its licensors. All rights reserved. Privacy Policy | Copyright/Trademarks