1. Home
  2. Essential Skills & Features
  3. Learn How Access Permissions Work to Secure Your Data

Learn How Access Permissions Work to Secure Your Data

Summary

TeamGram knows the hierarchy of your organization and uses this information to make user access rights more manageable.

To understand how things work, we will start with some basic concepts:

Records

TeamGram stores your data in blocks called records. Examples of record types are contacts, companies, deals, leads, orders, and more. A record typically has multiple data fields that are shown together on the same page. You can also determine who in your company can access which record.

Rights

In TeamGram, every record has 3 levels of rights:

  • Ownership Rights: The owner of a record can do everything about it, including editing, deleting, setting access rights for other users, and even transferring the ownership of the record to another user. The first person to create a record automatically becomes its first owner. Each record can have only one owner.
  • Editor Rights: A user who has editor rights can make changes on that record, but may not change access levels of other users.
  • Reader Rights: A user who has reader rights may view the record, but can’t make any changes.

If your subscription includes only the basic access rights management, you can grant editor or reader rights to either All users or none. Assigning All users as readers means every user in your company can view this record (Even if you don’t grant rights to anyone, the people higher up in the company hierarchy can still exercise the same rights as you. Read the following section to understand how this works).

If your subscription includes advanced access rights management, you can grant editor or reader rights to specific users or departments. Assigning the Production Team as the editor of a record allows anyone in that department (and everyone they report to) to make changes on that document.

The rights settings on any document can be seen at the bottom of its info tab. If you are the owner of a record. you are allowed to change its access rights settings while editing it.

 

Your Organization Chart

As a general rule, you can access everything any of the people reporting to you can. If a person reporting to you can view a note about a customer meeting, so can you. If another person reporting to you is allowed to change information about a customer, so are you.

TeamGram uses the organization chart of your company to understand the reporting relationships between users. A typical organization chart can look like this:

In this example, the support manager can automatically access everything anyone in the pre-sales and post-sales teams can access, because those two teams report directly to her. However the sales manager can’t access a record owned by a member of the production team, unless either he, or his department, or one of the users or departments reporting to him is authorized. Meanwhile, the general manager can access all of these records, because their owners either directly or indirectly report to her.

Administrators can edit the organization chart of a company in the department settings section of the control panel.

Special Case

There is one special case when the owner of a record is not allowed to edit a document:

Remember that the first person to create a document automatically becomes its owner. You can setup certain records in such a way that its owner can send it to another user for approval.

A typical example is a vacation request form an employee fills out and then sends out to a manager for approval. Since you wouldn’t want users to alter approved vacation dates after they are approved by their managers, TeamGram will not allow owners to make any changes on documents sent for approval.

Default Access Rights

Although the owner of a record can always make changes to its rights settings, most of the time people in the same department will want to use similar settings for similar types of records.

Users in the sales department may want other users in the sales department to be able to view their deals, but not edit them, and probably not want any other departments to be able to view them at all. On the other hand, they may want to make their contacts and companies readable by the members of the support team, so they can lookup people and enter notes about their interactions.

Your system administrator can enter default access rights for each type of record created by each department. This is done in the department access controls section of the control panel.

In the following example, the default access rights for a new deal created by a member of the Phone Sales department will be automatically set to allow other users in that department to view it, only the owner and his managers to edit it, and nobody else in the company to view it.

 

Regardless of the default access rights set in the control panel by the administrator, users are allowed to make changes on a per-record basis (Unless the administrator has specifically prevented them from doing so by checking the Cannot change the sharing settings box above).

Inheriting Rights from Linked Records

As you will see in other sections of this help site, TeamGram allows you to link different types of records. An order can be linked to a deal, which in turn can be linked to a company (customer). The deal itself can also be a linked to a number of sales activities like scheduled phone calls and tasks.

When you create a new record from a tab under another record (as in the activities tab under a deal), TeamGram automatically establishes a relation between the new item and the existing item it was created from, and also copies the access rights from the existing item to the newly created linked item. You can change the suggested sharing settings before saving.

Was this article helpful?

Related Articles