Acumatica Security Management

Recently I passed the S110 Security Management course in Acumatica University. Here are a few of the things that stood out to me:

1. Row-Level Security. This allows you to limit user’s access to Branches, Customers, Vendors, Budgets, Warehouses, Inventory Items, and GL Accounts. At my current company, we use Sage 500 ERP and we don’t have this feature. We have three separate locations and I would love to be able to restrict users to only be allowed to create transactions in certain Warehouses. Maybe we would even create a separate Branch for each location and restrict users to only be allowed to create transactions in their Branch. Row-Level Security is a very important feature, especially when you are dealing with an organization that has multiple locations.
2. Access History. You can use the Access History (SM201045) form to track the following events performed by a user: Login, Logout, Session Expired, Login Failed, Access Screen, Send Email Success, Send Email Error, and Customization Published. The most interesting event to me is Access Screen because it allows you to see how often a particular screen is used. This is especially interesting with reporting. At my current company we have over 100 users and we are constantly making changes to reports. When I make a change to a report, I would love to be able to notify everyone who has used that report in the past six months. The Access History (SM201045) form would allow me to lookup this information so I could send out a notification to the appropriate people.
3. Field-Level Auditing. I’ve mentioned this before in previous posts (click here). This feature allows users to be notified when data changes on a form. I currently do this in Sage 500 using an email alerts program that I wrote, but it’s not as graphical and easy to use as the Field-Level Auditing feature in Acumatica.
4. Active Directory Integration. Acumatica integrates with Microsoft’s Active Directory and allows users to login to Acumatica without having to enter a password. I would venture to say that most medium-sized companies are already using Active Directory in their network environment. The nice thing about Active Directory is that you only have to login once, when you login to your computer in the morning. After that, programs utilizing Active Directory authentication know who you are without you having to login again. This is similar to websites that allow you to login with your Google or Facebook account. It’s much nicer for the user because you don’t have to keep a long list of usernames and passwords for all the programs that you use.
5. Password Storage. This is a geeky detail and probably doesn’t deserve its own number, but I wanted to list it anyways. If you aren’t using Active Directory Integration, then Acumatica needs to store the passwords of your users in the Acumatica database. You have two options for how to store the passwords: Hash or Encrypted.