Once you have decided which task are appropriate for the various roles it’s time to make those changes.
2.) Assign the appropriate tasks to a role.
In the security matrix, the task descriptions across the top correspond to tasks in GP. In our example, the Print 1099’s task is Task ID ADMIN_PURCH_007*. The tasks across the top correspond to the name since Print 1099’s makes way more sense than putting ADMIN_PURCH_007* across the top.
|Side Note: Searching via Name doesn’t seem to work in the Security Task Lookup window in GP 2015. You can sort by name and then scroll alphabetically to find a task by name as they are listed in the Security Matrix.|
Now in GP, it’s just a matter of creating or selecting a role and assigning the tasks that have been identified in the Security Matrix. This isn’t a particularly fast process, but since the tasks are already identified, it’s not a hard process.
Pro Tip: Don’t modify the default roles. Create a new role with essentially the same name. That way if you have to figure what was in an old role to troubleshoot security you can. After a predetermined period, delete the default roles to prevent accidental use.
3.) Add Roles and Tasks, don’t change them
There is always a shakeout period with security setup where roles and task assignments get adjusted, but after a couple of weeks, things settle down. That’s about the time that something will change in an organization and security will need to be adjusted. When that happens, don’t change those roles and task that have been set, agreed to, and tested. Add new roles and tasks as appropriate or change the roles that users are assigned to, but don’t start tearing apart roles.
For example, if a company adds Safe Pay to Dynamics GP, permission needs to be given to access the Safe Pay windows. This wouldn’t have been covered in the original security matrix since it’s being added later. One or more tasks will need to be created to allow access to Safe Pay windows and tasks. Those tasks shouldn’t be added to an existing role. They should be part of one or more new Safe Pay roles. This helps preserve the integrity of existing role definitions and it makes it very clear what access a user has.
Be sure to read the final part in this series, where you can learn how Fastpath’s Audit Trail and Assure tools help you identify conflicts and monitor changes.