IT Works software solutions store information in a secure database. Access to this information is controlled by a multi-level security system which is built into the solution. This gives you control over the functionality of the solution as well as the data-access for each user. Access and security rights may be assigned to users either individually or by role.
The security system provides the following four levels of control.
The first security level controls user access to individual software modules. It is invoked at login and prompts for a unique user name and password. The login process supports Active Directory, LDAP, and single sign on authentication. The user name is linked to internal settings controlling module access. After login, user functionality and data access are controlled by module specific security systems.
Menu, Button and Data Views Level Access
The second security level controls access to menu items, buttons, and data views within each software module. Menus are customized based on security settings allowing specific users to access data display forms, user setup screens, data transfer procedures, etc. Buttons, such as the reverse certification button within the Effort Certification System, can be activated or deactivated and control of data views, such as employee supported information in the Grant Module, is supported.
View and Edit Rights
The third security level controls whether or not a user has the right to edit data or is limited to viewing only within a software module.
Transaction Level Access
The fourth security level controls which transactions a user has access to within a software module. Depending on the module, data level security can be defined by individual or groups of employees, organizational units, or account structure elements. When transaction level security is invoked, the values of data elements within individual transactions are analyzed and compared to user security settings. The user may only access data designated by their access privileges. This security level allows investigators and key personnel to be limited to accessing only “their” information. It is also frequently utilized by institutions with decentralized management and administrative teams.
Users may be granted combinations of these four security levels. For example, a principal investigator may be given view only access (View and Edit Rights security) in the accounting module (Module Access security) in order to see the current balances of his or her grants (Transaction Level Access security).