Assigning User Security

This topic provides an overview of the security assignment process.

The VA module allows administrators to set up security by data, form, report, attachment type, query, and Work Center template. You must assign security type permissions for all users prior to allowing them access to the system. To ease administrative efforts, it is recommended that you assign security to groups of users, rather than individuals. You can then customize security settings for individual users if their group settings are too restrictive.

Important: If you do set up security, consider which individuals have access to the security forms. If you have restricted users from gaining access to specific forms, but do not also restrict access to the security forms, then any user can change the security setup for themselves.

The following list briefly discusses each security type.

  • Data – Use this security type to prevent unauthorized users from viewing and/or posting information to system fields or from accessing sensitive information through other sources.

  • Form – Use this security type to prevent users from accessing forms or specific form tabs.

  • Report – Use this security type to define which reports are available to users.

  • Attachment Type – Use this security to define what types of attachments users can access.

  • Inquiry – Use this security to define what queries users can access on the Dashboard Work Center in the Main Menu.

  • Work Center – Use this security to define the Work Center templates that users can access.

  • Security Administration – Use this security to restrict users who have security form access to administering only some company/module combinations in VA Form Security and VA Report Security. This feature is optional and should be used only if you want some users to administer security for only selected company/module combinations.

The rest of this topic outlines the process for assigning security permissions.

Step One: Creating Security Groups

Security groups provide a way of administering permissions over a group of users rather than by individual user. When creating security groups, you will assign a specific group type. Each group type corresponds with the security types discussed above. Because security groups are associated with a single group/security type, most users will belong to at least four security groups (one for each type). For larger and more complex operations, users may belong to more groups.

To create a security group, use the VA Security Groups form.

To assign users to a security group, use:

Step Two: Defining Group Permissions

  1. Once you create a group, you can set specific permissions for that group's use of the application and/or ability to administering security. You do that using the appropriate security form (i.e., VA Form Security, VA Report Security, VA Attachment Type Security, VA Inquiry Security,VA Work Center Security, or VA Data Security Access) depending on the assigned group/security type. Once you define permissions for the group, all associated users have the same security settings.

    Note: Before setting data security permissions in VA Data Security Access, use VA Data Security Setup to secure specific datatypes and tables. For more information, refer to VA Data Security Setup.
Step Three: Defining User-Specific Permissions

  1. While security groups act as a “one-size-fits-all” solution, some user accounts require specific kinds of permissions settings that no one group provides.

    Note: You can assign data-level security only to groups and not to individual users.