Skip to main content
All CollectionsQuick Tips
Quick Tip - How to Understand Security Roles
Quick Tip - How to Understand Security Roles

A short explanation for determining what a Security Role governs.

Vaughn avatar
Written by Vaughn
Updated over 2 years ago

[Transcript]

Hey guys, this is Matthew with Curo365 here with a quick tip video about roles. I've had many people get into the chat and ask, Hey, is there a place that I can go to better understand what each of these security rules do, uh, regarding what they have access to, um, who they should get, what to, and that's a bit of a moving target because, um, the security roles are, are often very different per client per the way that they're set up. So what we're going to do instead of saying this role does X and this role does Y I'm going to show you how to discover what the roles do for yourself. So, um, first to get into, to see the roles, you'll click the cog up on the top and click advanced settings. That'll bring up this, you'll click the dropdown and go to security. And then we have an option here for security roles. Now, usually when you're seeing this, I'm going to click on users, kind of show you what you're accustomed to seeing. Usually when you're seeing security roles at all, you are clicking on a user will choose myself here. You're clicking on a user and you're going to manage roles and you're choosing, and you're selecting a bunch of different roles so that you can decide, um, which roles to give them. So you know, what to what they have access. Um, however, if you don't know what the roles do, or if you want to make your own custom role, which you can do, it's not something we have a video on, but it's something that you can do. You can create custom roles or look at existing roles and see what they actually have access to. So we'll jump back to security and we'll click on the security roles. And here we will just pick one of our CURO roles. So let's look at the CURO 365 matter admin. Um, just for example, we'll click that and we'll open it up. It'll populate this box here. And when this box finally loads, and it might take a minute, you're going to see a bunch of tabs up here for, um, record types or entities. So a lot of different stuff, all of these core records, marketing sales, these are all built in to the original dynamics, 365 platform. But if you come over here to the right side, we also see custom entities, and this is anything that's specific to Cura 365, something that we have developed for you. So let's just look at these top things. Um, this table right here, we have create, read, write, delete a pen, a pen to assign and share these, govern these pieces. So everyone that you have here, all of these are custom records that we've built. And we'll look at, let's look at an invoice. Here we go. The invoice in this security role of JIRA 365 admin has these permissions. Okay, well, what are these little green Pac-Man looking dots main? Well, if we look down here, we have the guide for what these mean. If you click it once it gives it user business unit, parent child organization. Okay. What does that well, okay. This little symbol right here, you'll noticed that it says user. That means that the user can only access what belongs to the user, or if we click it again, the user can only access what belongs to the business center, or if we click it again, it can only access what belongs to the business center and any related business centers or it can access create for in this case, uh, anything that belongs to the entire organization. So each one of these columns has its own action. Create, read, write, delete. So create is create the user can create the creative for themselves, and that's all create. The user can create it for the business center, create the user can create it for a child business center or create the user can create it for an entire organization. Now, looking across at these we'll look at what these are already. So for the Cura 365 matter admin security role, the invoice record can be read. If you have this role, then you can read any invoice you can access and look at any invoice that belongs to the user, to the business unit or the business center or to any child business centers it can write, which means it can make changes to, and then save for any invoice, belonging to the user, the business center, or any child business centers. However, you'll note that this cure-all through 65 matter admin does not have the ability to delete this middle section is the delete privilege. And that means that they cannot delete, um, anything. They can't delete an invoice that belongs exclusively to the user or anybody else past this, nothing. This role does not have the ability to delete an invoice. Um, they can append and they can append privileges. Those are two other options that you'll see used, uh, occasionally in some of the functions. And then we have this option to assign it to someone and this option to share it to someone. They don't have the privileges for that. So just with that little breakdown, you can come down and you can start looking at, um, you can start looking at all of these. So a matter this role can create a matter. It can, uh, it can look at any matter. It can make changes to a matter, but it can't delete a matter. Um, it can create a matter of billing party, make changes a matter billing party. I'm sorry, read the matter. And billing party make changes to it and delete it for a matter rate. It can create a matter rate. It can look at any existing matter rates. It can make changes to existing matter rates, but it cannot delete the matter rates. So that's how these roles work in general. Now you are always invited to make changes to any of your specific roles. So you might have roles that include your firm name. We invite you to make any changes that you need to make to those, to allow someone to have more permission, you can also, I'm going to leave the page without making any changes. You can also create a new role, new security role, call it whatever you want, example security role and come through here and say, I'm just making this as kind of a catchall. Um, I know that I just, I want this user to exclusively be able to just find something, um, exclusively, be able to let's see, make rates. Okay. So you come through here and you say, uh, I want them to be able to create and look at existing, make new ones, delete existing ones. Um, and you can do these ones as you, as you want to, but you want to make sure that this one specific user can do what they need to do with the rates. And so you make this exclusively and you assign this as a security role to that person. And then you go on from there. You can even, you know, make specific permissions here for that user exclusively. They could be, um, a very basic user with only having to cure 365 legal. And then you could add this extra level of security, this extra layer of security onto it. Uh, if that was something that you wanted to do, we're going to go ahead and delete this without saving that. But otherwise that is security roles in a nutshell, um, again, we can't really talk about what this one does and what this one doesn't do, because it's very varied per client. Everyone uses them differently. A lot of people set the permissions differently, but if you go back and watch through this video a couple more times and learn how to read the existing roles that are there, you'll be able to see who has access to what, um, and identify who needs what, and maybe even identify a need to create another security role on its own. So this is a little longer than a normal quick tip, but I did want to be able to get in and be a little thorough on this. If you have any questions, comments, contributions, or concerns, head to help.Curo365.com. Send me a chat or send me an email at help@curo365.com. And, uh, I'd love to help you out, get you as soon as I can. Thanks.

Did this answer your question?