Row, row, role your security, quickly and smoothly into place

Submitted on: Tue, 09.16.2014 07:27pm - Colin Sherman |

I do a lot of demonstrations, so I speak with hundreds of distributors over the course of a year. Things go a lot smoother when the audience feels free to speak, ask questions, and generally make noise.  Otherwise, it feels like I am sitting there speaking to myself.  Frankly, I'd rather be asked any kind of question, or even get yelled at, then to have an audience that is silent.

One of the most common questions I get, and one that I really enjoy answering, is how our security model works. MITS Discover was first released almost 18 years ago, today.  The very first "optional add on" that was released for the product was security.  In fact, our security system was introduced before a graphical user interface was added.  Through our history, security has always been one of the most important core elements of the product.  While today it's a built in part of the product and no longer "optional," security continues to get a lot of attention.

As I typically say during a demonstration, "obviously if I'm going to make your information really easy to access, I should probably also lock it down and let you control who can see what."

MITS allows you to create either groups of users with similar security or individual users with unique security access.  Since we do not license based on user, that means you could have access for yourself, your sales people, your significant other, your vendors, your customers, your cousin, your dry cleaner or whoever else you think might gain value from your company’s core information. Well, you might want to leave the dry cleaner out of your security system unless you have a very special relationship.

Once those groups of users or individual users are created, you have several levels of security available:

Don’t press that button!
Our Security layer starts at the highest of levels.  Simply put, it allows you to disable certain buttons.  It's likely that you don’t want everyone to be able to export information to Excel, change dashboards, make changes to security, etc.  When you set what buttons you wish to have unavailable, the button simply won't show up to a user who does not have permission. This eliminates the need for awkward questions about why a user can't export their customer list

Wait, Gerald makes how much?
Next up is the ability to control what sort of information a user has access to. Think of the data in MITS as silos: Sales, Inventory, General Ledger, etc. You might want your sales reps to see Sales information but not Inventory turns. You might turn off Accounts Receivable access for your Inventory people or more importantly, you might restrict the General Ledger information so that only a very select group of people can see it.  It's typically not fun to have to explain to someone picking in the warehouse why you pay Gerald, the sales person, what you do.

Customers and gross profit visibility – a step back in the relationship
Following the sorts of areas of data that are available, you can also restrict specific columns that you don't want to have displayed. Some Distributors allow their Sales People to see Gross Profit, others keep that information private. Even more interesting is that a lot of our customers expose reports to their largest customers. It's always seemed to me like a great idea to hide Gross Profit numbers from them. While I am not an expert in your specific business, it just seems like is the sort of information you might not want to have a conversation about with your customer. Once a column is hidden from a user, all calculated numbers from the column are also hidden.  So, if you hide Cost, Profit will disappear as well.

Row, row, role your security
The final and most important part of security is what we call Row or Role level security.  Named for the Row of a report or the Role of the person using it (Sales Rep, Branch Manager, Buyer, Sales Manager, etc), many of your users will only be responsible for one specific drill down option. In these situations it can be best to only let people see their specific area of the business.  The most common is restricting sales people to only be able to see their own accounts or only invoices that they are on.  So Sales rep Stephen can only his information, no matter how clever Stephen thinks he might be at using our product.

This is a particular powerful feature when it comes to distributing things like sales reports.  If you create a report and distribute it by saving it to a directory or emailing it out, MITS will see that you are trying to give it to a security controlled user and will hide everything but what that specific user is allowed to see. That means that a sales report individualized for 20 sales reps takes exactly the same amount of time as making just one report.  

MITS is also able to hide or show the overall corporate totals in this situation.  You might want Bob to know that he's 8% of your corporate sales, while still not letting him see the other 92%, or you might not want Bob to know how the company is doing as a whole.

So, there you have it.  There's a lot to MITS data security model. The good news?  It's very easy to set up.  Most of our customers spend about 2 – 4 hours setting up security for all of the users at their company.

The not so good news? If you are on a demonstration with me, you'll have to think of other questions to ask me or give me a good yell to keep me on my toes.