Beyond - Managing Service Reps & Security Groups

What are Security Groups? 

Security groups allow you to set security permissions for each user within Beyond.

*Note* Security settings in Enterprise (Sec Roles) is separate from security in Beyond (Security Groups). When editing, adding users, or managing security groups, we recommend being at your highest hierarchy available (ex. system).

To Access Security Groups:

  1. Navigate to the B for Beyond menu
  2. Select System Settings 
  3. Select Security Groups 

Beyond has divided security settings into 6 unique types:

  • Permission
  • Customer Status
  • Document Type
  • Message Action Type
  • Report
  • Custom Data

Within each type, there are groups of users based on what their security settings are in the system. We have set up some default groups for you to utilize but remember that you can always customize or create your own groups.

This Article Covers: 

  1. Security Group Types & Their Default Groups
  2. Adding Users to Security Groups
  3. Customizing & Creating Your Own Security Groups 



Security Group Types and Their Default Groups

We have set up default groups for each security group type in order to make implementing and managing users easier. Here, we will go through each type and the default groups available.

  • Permission
  • Customer Status
  • Document Type
  • Message Action Type
  • Report
  • Custom Data

Permission

We recommend starting here since the permissions security group type allows you to set which general permissions a user has. The Permission security group type includes a list of functionality related permissions including access to time entry, update employee EEO information, Mass Update Rates, etc. This is an extremely important category to review. 

Default Groups in Permissions Type: 

  • Administrator – has all permissions
  • Back Office Manager – does not have admin permissions but all other manager related permissions
  • Billing Clerk – has basic billing functionality and related permissions
  • Front Office Manager – has similar permissions to back office manager but can not update bank account numbers while payroll is running and does not have access to time entry
  • Limited Access – has no permissions
  • Pay Clerk – has basic payroll functionality and related permissions
  • Sales – has sales related permissions
  • Staffing Specialist – has basic recruiting or employee focused permissions

For a full list of all permissions included check out Beyond Security Group Comparison Report


Customer Status

This type sets which customer statuses that the service rep can change. 

Default Groups in Customer Status Type: 

  • All Statuses – can change any status
  • Customer Status Lite – can change Active, deleted/mistakenly entered, and prospect status
  • No Statuses – can not change any customer statuses

For a full list of all permissions included check out Beyond Security Group Comparison Report


Document Type

The Document Type security group sets which documents a service rep can view (read), upload (write), or delete. 

Default Groups in the Document Type: 

  • All Access
  • No Access
  • Read Only – All

For a full list of all permissions included check out Beyond Security Group Comparison Report


Message Action Type

This type sets which message action codes users are allowed to use and see when logging a message on a record. Message action types are defined by the administrators when they set up the message action code. FOR MORE INFO CLICK HERE.

Default Groups in Message Action Type:

  • Non Secure Message Types – can read and write all message action codes besides ones set as secure
  • Secure Messages – can read and write all message types

For a full list of all permissions included check out Beyond Security Group Comparison Report


Report

The Report category sets which reports a service rep can run. 

Default Groups in Reports Type:

  • Administrator – has access to all reports
  • Back Office Manager – has access to all back office related reports
  • Billing Clerk – has access to invoice and AR related reports
  • Front Office Manager – has access to all front office related reports
  • Limited Access – has access to active and deactivated employee reports only
  • Pay Clerk – has access to payroll related reporting
  • Sales – has access to customer and sales related reports
  • Staffing Specialist – has access to employee, order and assignment reports related to recruiting

For a full list of all permissions included check out Beyond Security Group Comparison Report


Custom Data

The Custom Data security group type includes a list of all custom data fields created from the administration section of Enterprise. By default, service reps will be able to view & edit all custom data fields. You can create Custom Data Security Groups to remove permissions to view (Deny Read) or edit (Deny Write).

There are no default groups within this category.

For more information on how to add your own custom data, check out How to Set up and Manage Custom Data



Adding Users to Security Groups

Once you have reviewed the permissions in each default security group or created your own group, you will need to add users to the groups to give or restrict their permissions. 

*Note* Each user can only be a part of one group in each security group type. For example, a service rep can not be apart of the Staffing Specialist permission type group and the Front Office Manager permission type group.

Adding Users from the Security Group

This option is best when you are already reviewing a security group or adding multiple users to a group. 

  1. Select the security group type you are looking for
  2. Select the 3 dotes icon  next to the group you wish to add users to
  3. Select Edit
  4. Select + to add users

OR

Managing a Service Rep's Security Groups

This option is best when you are adding a new user into the system or a user is changing roles and you need to add or update all their security groups. 

  1. Navigate to the B for Beyond menu
  2. Select System settings > Service Representatives
  3. Select 3 dotes icon to the right of the Service Rep you wish to edit permissions for
  4. Select Edit
  5. Select the correct security group for each security group type 
  6. Select Submit to save your changes

*Note* Once a user's permissions have been updated, we recommend having them clear their cache to make this change immediate.


Customizing and Creating Your Own Groups

To Edit a Default Group:

  1. Navigate to the B for Beyond menu
  2. Select System settings > Security Groups
  3. Select the security group type you are looking to customize
  4. Select Copy next to the default group you wish to edit
  5. Now you can rename the group, change permissions, and add users

To Create a New Group From Scratch:

  1. Navigate to one of the security group categories
  2. Select the '+' in the upper right corner
  3. Name your group & set a description
  4. Set the Hierarchy level this group applies to (ex. system)
  5. Select Properties
  6. Select the '+' next to members to add users
  7. Select 'Submit' to save


Related Articles