Advanced Security Settings

The standard EBMS software contains many security options that restrict the user to access only pertinent information. These standard options restrict a user's ability to access a file, field, button, or report. Review the Creating Users and Assigning Rights section for more details on the standard security settings. One limitation of the standard security feature is that all records are restricted if the user's security settings restrict the field or file. For example, the history or details of all the vendors are restricted if the user's security settings restrict access to the vendor information.

The Advanced Security option allows the administrator to limit a user's access to one or a group of vendors, employees, or other accounts. For example, the manager may want to limit a user's ability to access specific vendors but give the security rights to other vendors. This allows a secretary to manage the main vendor accounts but restrict access to a few more sensitive accounts. A manager could also restrict some sensitive general ledger accounts such as equity or asset accounts without restricting the user's access to the revenue or expense accounts.


NOTE: EBMS reports are not affected by any advanced security settings.  Report restrictions are only managed using standard security settings.  Review the Setting Report Security section for more details.


Complete the following steps to create advanced security settings for specific vendors:

  1. The user must have administrator security rights to set any security settings including the advanced settings.

  2. To restrict access to a vendor, open the vendor record and click on the Advanced Security tab as shown below:

  3. Enable the Activate Advanced Security for this Vendor option to secure the selected vender. The level of access is determined by the security settings.  

  4. Complete the following steps to block all vendor information for users that do not have manager or administrator rights.

    1. Open any vendor and left click in the upper left hand corner to open the context menu as shown below:

    2. Click on Set Security as shown below:

      The Expression setting in the example above for the Advanced Entry User Level contains a script expression as explained below:
      If (iif) SECURE setting on the vendor tab (explained in step 3) is true (.t.) then No Access (3) otherwise Full Access (0).  Notice that the Evaluate Expression setting for the Viewer User Level is slightly different. if (iff) Secure setting on the vendor tab is true (.t.) then No Access (3) otherwise Read Only Access (1).

  5. The previous step only secures the vendor record.  Complete the following steps to secure invoice information.

    1. Open any expense invoice.  

    2. Left click on the upper left hand corner to open the following menu:

    3. Select Set Security from the menu and set the identical steps as the vendor record security as explained above. This completes the security for the invoice.

  6. Log in to EBMS using an account with restricted security access.  Test to verify that all sensitive information is blocked for restricted users.  The advanced security Expression is not evaluated when the commands are entered into the Set Security dialog. Error messages may occur when opening the vendor or invoice window if an invalid expression was entered.

  7. Verify that all data in the vendor, invoice, and invoice detail records are hidden. Check the security setting of each individual field if a field or column is visible. All individual field security can be overridden with the Evaluate Expression Access setting by clicking on the Filter Down button on the parent security dialog as shown above.

Fields, columns, and processes can all be restricted using the Expression option.  Review the Setting Security for a Tab, Entry Field, button, or process section for more details.

Customer and sales invoice information can be hidden in a similar manner as the vendor and invoice information. Complete the steps listed above but open the customer record rather than the Vendor record and the sales invoice screen rather than the expense invoice.

Contact an EBMS representative if additional security fields are required. The Advanced security system within EBMS can be customized to meet specific security needs.

This optional EBMS module is not included on all versions of the EBMS software.  Review the Server Manager > Optional EBMS modules within the main software manual for specific instructions used to identify or add optional modules.

A worker or user can access their personal timecard without access to other worker's information by entering the user name into the worker record.  Review Review [Labor] Processing Payroll > Worker Added Timecard Entries for configuration instructions.