Security Overview

It is important to configure security within EBMS for the following purposes:  

A landscaping supply company employees various EBMS users including sales, fulfillment, delivery, landscapers, growers, managers, owners, and various clerical staff.   All these workers require access to the ERP system but require vastly different degrees of access and functionality.   Some staff are limited to very specific sales tools with almost no access to utilities and settings.   Most staff are blocked from payroll and financial records.   Others are blocked from adjusting pricing and making inventory adjustments.   The UI security tools in EBMS and MyEBMS block information, limit data changes, and restrict launcing powerful utilities.   The ability to tailor user security allows the administrator to determine the sensitivity of specific data and functions.   

A manufacturing company uses EBMS to record MTO sales orders, manage raw material and finished inventory, schedule manufacturing batches, and various other clerical and business manage functions.  The security system within EBMS facilitates the organization of different roles and responsibilities by disabling functions, restricting data changes, and disabling options that apply to other departments.  The security tools in EBMS are not only used to secure data but to restrict options and data changes for individual work groups and departments.  A single integrated ERP solution is implemented for the company‚Äôs business processes without opening all the options to the entire team.   

A business owner has created a separate company within EBMS to manage real estate holdings.  Many of the software functions are disabled to simplify the solution since the ERP system is largely used for financial purposes.    The owner prefers to limit access to specific financial accounts and vendor history from the data entry secretary that also manages the main company bookkeeping.  The advanced security feature is used to identify and block specific balance sheet accounts as well as a few vendor and customer account history.  This flexible security feature gives the owner the ability to only block owner defined records and give the secretary advanced access to the main financial, expense, and sales modules.

 

The EBMS software contains a very flexible security system that includes the following tools:

  1. Program or module level UI security:  This option is set with the user management dialog.  Review Creating Users and Assigning UI Rights for instructions to setup this level security.   

  2. Database level UI security:  This option is similar to the dialog based security settings.  Review Setting the Parent Security within an Entry Dialog to configure the security per file.

  3. Entry field level UI security:  This security setting allows the EBMS administrator to tailor security settings for specific entry fields.  Review Setting Security for a Tab, Entry field, Button, or Process for security configuration instructions.

  4. Function level UI security:  This setting is similar to the field level UI security but restricts buttons and menu items.

  5. API and Webhook UI security:  The security within these advanced interface tools are similar to the other UI security settings.  Security settings are created within EBMS but affect interface tool access settings.  Review Technical > API Gateway and Webhooks for information on these tools.

  6. Reporting security:  Report security does NOT use the UI security settings.  Review Setting Report Security for steps to restrict access to EBMS reports.

  7. SQL Mirror and other data copy utilities:  Security must be configured with the SQL server to restrict data.  Review Technical > SQL Mirror > Overview for more details on this tool.  

  8. wDBMaint and other database editing tools:  A database utility is installed on the server to directly edit files.   This utility should be store in a secure file area only.  

  9. Advanced UI security based on database content:  The Advanced security tool is used to restrict data access based on content.   Review Advanced Security Settings for more information on this powerful UI security option.

  10. Worker personal timecard access:  A worker or user can access their personal timecard without access to other worker's information by entering the user name into the worker record.  Review [Labor] Processing Payroll > Worker Added Timecard Entries for configuration instructions.

Setting a specific data entry field to No Access is an effective way to disable a specific entry field if management does not wish to use the entry.