Application Security

Looking for some advice around security when it comes to a new application that we have setup. Typically the security is around the forecast versions that we have and for our normal 24 month rolling forecast this works fine.

The new application is around longer term strategy, so sensitive in nature and whilst a number of people would likely have initial input into certain elements they shouldn't see other elements. What would be the best way of approaching this? I'd been reading around "Roles" and ability to restrict access to pages based upon these roles? Just conscious of what impact this may have on the other application - I'm thinking it shouldn't as long as on the original application I don't mark any of the makes using the restrict access below.

As we have quite a number of pages I would have to go into each to do this so just wanted to see if there was a better approach before I started.

Tagged:

Answers

  • Model role is likely your best bet to setup modularized security - where users can edit/view on set of inputs but not another. Though this is assuming those the inputs are in separate modules.

    If you are looking to restrict access based on the time horizon or another list, you might contemplate dynamic cell access which allows for read/write drivers to be applied to give certain users access to a portion of the data within the module.