Follow

Using Security Management

 

Security Management (formerly Security Role Management) gives Firms with large numbers of employees the ability to quickly control and maintain employee Security Roles and Security Rights.

 

The Security Roles tab allows you to create Security Roles which are a collection of Security Rights. Users can then assign a Security Role to the appropriate employees, granting those employees the Security Rights listed under that Security Role.

Individual Security Rights can still be granted to individual employees by using the Employee Security tab.

Employees either belong to a single Security Role or they have their Security Rights managed individually.

 

Tier Availability: Business

Security Rights Required: Add/Edit Employee, MaintenanceSecurity Management

 

Menu:

 

Security Management Rights

In order to use Security Management, users must have the Add/Edit EmployeeMaintenance, and Security Management Security Rights. 

  • Add/Edit Employee - Allows the user to add a new Employee from the application menu as well as add and edit user Security Rights from the Employee Details tab.
  • Maintenance - Allows the user access to Maintenance Menu items.
  • Security Management - Allows the user to maintain the list of Security Roles and their assigned Security Rights.

For steps on how to add these Security Rights to an Employee inside the Desktop Application, please review Adding Employees and Security Rights. If the Employee is currently logged in after rights are granted, then that user must click Application > Refresh Security.

 

Accessing Security Management

Once a user has the Add/Edit EmployeeMaintenance, and Security Management Security Rights, that user may access the Security Management feature.

Access Security Management

  1. From the Application Menu, click Maintenance > Preferences > Security Management.
  2. The Security Management feature will open in the user's default browser.
    • PensionPro supports the latest versions of Chrome, Edge, Firefox, and Internet Explorer 11.

Using the System Administrator Role

Security Management comes with a default "System Administrator" Role. This role cannot be edited or deleted and contains all available security rights. Any active user assigned this role will have unrestricted access to all areas of PensionPro.

At least one active user must be assigned the System Administrator role before any other users can be assigned additional Security Roles. A system administrator or principal would typically be assigned the System Administrator Role.

To assign a user to the System Administrator Role:

  1. Click once on the System Administrator role to highlight it.
  2. Click the Edit button to the right of the grid.
  3. Click inside the Employees box of the Edit Security Role pop up that appears and select the employee(s) that should be assigned the System Administrator role.
  4. Click Save.

Adding a Security Role

Users can add a Security Role from the Toolbar after accessing Security Management.

  1. Click on the Add button located on the right side of the grid.
  2. Enter Role Name and a brief Description of the role.
    • A description is not required.
  3. Click inside the Rights box and select the security rights to be included within the role.
    • Users can select "Add all Rights" to provide all rights to the role. Rights can be individually removed from the role by clicking the X button located to the right of each right.
  4. Assign employees to the role by clicking inside the Employees box and selecting the employee name that should be assigned to the role. Selected employees will appear in the box.
    • Multiple employees can be added to the role at once.
    • An employee can only be assigned to 1 role.
      • Remove an employee from the Role by clicking the X button next to their name.
    • Employees marked as Inactive in PensionPro will not appear in the Employees dropdown.
  5. Click Save

Editing a Security Role

Users can edit a role from the editor.

Edit a Security Role

  1. Click once on a Security Role to highlight it. 
  2. Click the Edit button. 
  3. Edit the desired information. 
  4. Click Save

Deleting a Security Role

Users can delete a Security Role from the toolbar. Please note, deleting a Security Role will affect any employee that was previously assigned that Security Role. Users assigned to a Security Role that was deleted will not lose their rights. Their role assignment will be removed, but the rights they had when they were assigned from that role will remain.

It is recommended that a new Security Role is assigned to the employee before deleting the existing Security Role. Users can also use the Employee Security tab to find employees who do not belong to a Security Role and assign them to one or change their individual Security Rights.

 

Delete a Security Role

  1. Click once on a Security Role to highlight it.
  2. Click the Delete button to the right of the grid.
  3. A message will appear asking the user to confirm they would like to remove all employees from the role.
    • The affected employees will retain the same Security Rights originally associated with the role. 
  4. Click Yes to confirm and delete the role.

Assigning Security Roles to Employees

Now that Security Roles have been created, users can assign those Security Roles to employees. It is required to have at least one user assigned the System Administrator role to act as the system administrator for role and rights management. Security Roles can be assigned to employees by either assigning from the Security Management screen, Employee Security screen, or by assigning within Employee Details in the Desktop Application.

Assigning from Security Management > Security Roles tab

  1. From the Application Menu, click Maintenance > Preferences > Security Management.
  2. The Security Management feature will open in the user's default browser.
    • PensionPro supports the latest versions of Chrome, Edge, Firefox, and Internet Explorer 11.
  3. Click once on a Security Role to highlight it.
  4. Click the Edit button to the right of the grid.
  5. Assign employees to the role by clicking inside the Employees box and selecting the employee name that should be assigned to the role. Selected employees will appear in the box.
    • Multiple employees can be added to the role at once.
    • An employee can only be assigned to 1 role.
      • Remove an employee from the Role by clicking the X button next to their name.
    • Employees marked as Inactive in PensionPro will not appear in the Employees dropdown.
  6. Click Save

 

Assigning from Security Management > Employee Security tab

  1. From the Application Menu, click Maintenance > Preferences > Security Management.
  2. The Security Management feature will open in the user's default browser.
    • PensionPro supports the latest versions of Chrome, Edge, Firefox, and Internet Explorer 11.
  3. Click once on an Employee row to highlight it.
  4. Click the Edit button to the right of the grid.
  5. Set Security Based On to Security Roles. Select a Security Role from the dropdown.
  6. Click Save

    Note
    : Changing an Employee's Security Method from Security Roles to Security Rights will keep all of the Security Rights the employee had under that Security Role. You can Add or Remove individual Security Rights for the Employee.

Assigning from Employee Details in Desktop Application

  1. Click the Company Directory located in the upper-lefthand corner of PensionPro.
  2. Double-click on an Employee's name to open their Employee Details screen.
  3. Click the Security Rights tab.
  4. Click the Edit button to the right of the Security Rights grid.
  5. Click the Security Role dropdown menu and select the target Security Role from the menu.
    • The dropdown will read "None" if no Security Role is selected.
    • Users can either choose to select a Security Role or select "None" from the Security Role menu and choose individual rights. Users cannot select a Security Role and add additional Security Rights. 
  6. Click Save.

Users can also find how to add roles in Adding Employees and Security Rights

Employees Assigned to Security Roles

Users have the ability to view all employees assigned to each Security Role. This information can be viewed in the Security Roles grid along with the Role Name, Description and added Security Rights. Users can click the Export button on the Security Management screen to export a report of this information.

 

Using the Security Management Toolbar

The Security Role Toolbar allows users to effectively navigate and manage their Security Roles in the editor.

  • Export
    • Click the Export button from the toolbar to export a list of Roles to view their description,  assigned rights and assigned employees to each role.
  • Group
    • Grouping can be added by clicking the Grouping button and then clicking and dragging a column header to the Grouping bar that displays.
      • Only Role Name and Description columns can be grouped
  • Filter
    • Click the Filter button to add filters to the Role Name and Description columns.
    • Click the Filter button that appears on the column headers to filter by data within that column.
  • Sort
    • Click a column header to sort by that column.
      • Only Role Name and Description columns can be sorted. 
      • Click once to sort in ascending order.
      • Click again to sort in descending order.
      • Click a third time to remove sorting.
    • Users can click the Clear Sort button to remove sorting at any time.
  • Refresh
    • Click the Refresh button at any time to refresh the page and view any changes.




Frequently Asked Questions

  • If I create an Administrator Security Role, does that automatically give those rights to employees I've set up as an "Administrator" Employee Plan Role in PensionPro? No. Users must still assign the Security Role to the employees that should have that level of access. Security Management is not directly tied to Employee Plan Role assignments.

 

  • I am on the Business Tier, but I don't see the Security Management feature.
    In order to use the Security Management feature, you will need to be on the Business Tier and you must have the Add/Edit Employee and Security Management rights.

 

  • Can I give an employee access to a Security Role and then grant them additional security rights? Users can only be assigned either a Security Role or be assigned individual rights. Users cannot assign a role to an employee and then grant that employee supplemental rights. 

 

  • All of my employees were assigned Security Roles and they were deleted. Are we locked out of access to PensionPro? No. Before any users were assigned a Security Role, at least one user was granted the System Administrator Security Role. That user can create new roles and assign them to each employee to provide the necessary security roles/rights to each user.

 

  • Can I view who updated a Security Role and when? On the Security Management screen, users can view who updated a Security Role and when that update was made in the Updated By and Updated On columns of the grid respectively. These columns update when there is a change made to the name, description, rights, or assigned employees for a Security Role.

 

 

Feature feedback

Was this article helpful?
0 out of 0 found this helpful

Comments