This article provides a basic outline of what Security Permissions could look like when used across multiple access groups. This is based on what we have found to be successful, however, you should use your best judgment about what would work best within your unique organization.
Access Groups
Most organizations have at least two security groups (Access Groups). You may end up having more, depending on your organization's needs.
Provided below are examples of common groups:
Administrators (Required)
Admin users have access to all the system items. These would be the employees who need access to approving, overseeing, editing, and more. Most of the core implementation team will be Admin users and remain that way after launch.
Front Line / Front Desk (Recommended)
Outside of Admin, this is the next most common and recommended user group. This will be for the staff who are working day-to-day with the system. They do not necessarily need editing rights to the activities and facilities, but they need to perform basic checkout functions.
Finance (Common)
Some organizations like to have a finance department group. Most likely they would only have access to reporting and closeout features, and no editing rights to modules.
Managers (Common)
This group would have permissions similar to Admin, but would not have all-encompassing access.
Depending on the complexity of your organization, you may also have groups such as Superintendents, Supervisors, Office Managers, IT, etc. There is no limit to the number of groups that can be set up.
Note:
Do not add users to multiple different groups. This will cause issues when the system is trying to determine what a user has access to.
Groups by Location
An additional option is to set up access groups by location. This means that not only can you have different permissions set up for groups, they can be the same permissions, but specific to a location.
In this example, the user only has the set permissions if they are logged into the Adventure Park location.
Note:
In addition to limiting where a user can log into, limiting locations for an Access Group will limit the locations that are visible on the Facility Calendar. For Example, if a Group only has access to the Community Center, they will only be able to view the calendar for the Community Center.
Security Permissions
Below you will find recommendations for Security Permissions for commonly used groups.
Administrators
This is an automatic group, you are unable to adjust the settings. This group will have access to view and edit all aspects of the system.
Managers
You will most likely have almost all boxes checked for this group.
Some permissions you might not allow access to would be the Configuration tab and Security tab.
Front Line / Front Desk
Recommend allowing permissions for most Point of Sale (POS) items.
You probably do not want to allow them to edit anything that has to do with activities or facilities.
Viewing rights are typically acceptable.
Some organizations allow Front Desk staff to perform more actions than others.
Example: Some like to allow refunds and voids, others require managers to do that. Keep in mind your policies.
There will not be very many boxes checked for this group.
Finance
You will only want to allow access to items such as Reporting, Close Out, and General Ledger (GL) Configuration, Voids, and the Transaction Browser.