Security Groups
Overview
Security groups determine what users can see and do in nVIRO. Each group is made up of different roles, and each role grants specific permissions to various resources and data. When users are assigned to one or more security groups, they receive all the permissions included in those groups.
Searching Security Groups
To view all available security groups, navigate to Admin > Security Groups.
Adding or Editing a Security Group
On the Security Groups page, click the Add New Security Group button to add a new group or click on an existing security group to edit it.
The following fields appear on the New Security Group and Edit Security Group pages.
Field | Description | Notes |
|---|---|---|
Name | The name of the security group. |
|
Description | A description of the security group. |
|
Account Type | The account type to which the security group applies. | Options include Internal Agency User and Registered External User. |
Roles | The roles included in the security group. |
|
Adding or Removing Security Group Roles
To add a role to a security group, select it from the Add Role dropdown list. Only roles that are not already part of the group will appear in the list.
To remove a role from a security group, click the Remove button (“X”) next to it.
Changing security settings—such as adding users to security groups or adding and removing roles—should be done with extreme care. Incorrect configuration can create security vulnerabilities and/or lead to data loss. Only authorized security administrators should change security group settings.
Administrators may add or remove roles from a security group to better match their agency’s staffing structure. For example, some agencies keep permitting and compliance responsibilities separate, while others have more overlap. In the latter case, an administrator may extend the base permissions of a permitting-related security group to include compliance functions that its users normally wouldn’t access.
Roles and Workgroups
Roles determine levels of access to specific record types. Workgroup-level roles work together with user workgroup membership to define access. (For more information on workgroups, see the Workgroups page.)
The following table outlines how roles and workgroups work together in the context of evaluations.
Role | Permissions |
|---|---|
Evaluations - Manager - Mine | Grants access to active evaluations assigned to the user, either as the processor or via assigned tasks. |
Evaluations - Manager - Workgroup | Grants access to any active evaluation assigned to a workgroup of which the user is a member. |
Evaluations - Manager - Global | Grants access to all active evaluations in the system. |
Evaluations - Administrator | Grants access to all evaluations in the system, regardless of status. |
Depending on the organizational approach, most staff are typically provided access to their own assigned work, and some may be granted full workgroup-level access. In certain organizations, workgroup-level access may be limited to one or two people, such as a supervisor.
Copying a Security Group
To customize permissions for a particular group of users, an administrator can copy an existing security group and modify the copy. For example, if three users need additional permissions that should not apply to the whole group, the administrator can copy the existing group, give the new group a unique name, and add the additional permissions. The three users can then be assigned to the new security group.
To copy a security group, open the More Actions menu (⋮) on the Security Groups page and select the Copy option. This opens the Copy Security Group page, which functions the same as the Edit Security Group page described above.
Deleting a Security Group
To delete a security group, open the More Actions menu (⋮) on the Security Groups page and select the Delete option. When a security group is deleted, it is also removed from the group membership list of all users that were in it.
Exercise caution when deleting security groups, as doing so may prevent users from accessing system resources they require.
Viewing Security Group Membership
To view the security groups of the currently logged-in user:
Click the user’s initials in the toolbar (the far-right icon).
Click the Profile & Settings option to open the User Profile page.
Navigate to the Groups tab, where the list of security groups of which the current user is a member is displayed.
For information about managing security group membership, see the User Management page.
On this page
Related Content