If you can implement the security strategy for your organization
with one security policy, use the Global security policy as your single
policy.
About this task
In most cases, you do not change the default permissions
for the supplied Plan Administrator and Plan User system roles. Instead,
you add new security policy roles to implement your security goals.
Procedure
- Select Settings > Marketing Operations Settings >
Security Policy Settings > Global.
The Properties
for <security policy> page displays.
- Add a security role:
- Click Add Another Role.
- Enter a Name and Description for
the role.
Repeat these steps for each role you add.
- Click Save and Edit Permissions.
The Permissions for <security
policy> page displays. This page contains a table interface
so that you can grant or block access to features for each role.
- To configure permissions for objects other than projects
and requests, from the Access to list select
the marketing object type. Use the check boxes to configure permission
settings for each security role. See Security policy permission settings.
You repeat this procedure for each object type in the Access
to list.
- To configure project permissions, complete these steps.
- From the Access to list, select
the Project object type.
- In the General section, configure the Add
Projects and View Project in the List permissions
for each object and security role.
- Select a project template. The security policy displays
a column for each project role specified for this template on the
Project Roles tab in the Team Members section. An access control section
displays for each tab in the template.
- Configure permissions for each tab in the template,
including any custom tabs, for the project, object, and security roles.
- Repeat steps c) and d) for each project template.
- To configure request permissions, complete these steps.
- From the Access to list, select
the Request object type.
- Configure the Add Requests and View
Request in the List permissions for each object and security
role.
- Select a project template. The security policy displays
a column for each project role specified for the template on the Project
Roles tab in the Project Request Recipient section. An access control
section displays for each tab in the template.
- Configure permissions for each tab in the template,
including any custom tabs, for the project, object, and security roles.
When configuring requests, remember that the permissions you set for
the Request Recipient object role must match
the permissions for at least one of the roles in the recipient project.
- Repeat steps c) and d) for each project template for
which you want to configure custom permissions for requests.
- For custom marketing object types, be sure to configure
permissions for each template.
- Click Save and Finish.