Sage 300 offers comprehensive user definable security at both the application authentication as well as the authorisation levels.
Enabling security
Security needs to be enabled within Sage 300 at the database level.
The Sage 300 Administrator can turn this on in Database Setup by first selecting the System database, then clicking on Edit and checking the Enable Application Security option.
Password policies
You also have the option of enforcing password policies to meet your organisations requirements.
Click on Security in the Database Setup screen to specify if:
- Passwords need to be complex
- Whether a user is required to change passwords at a certain interval
- A minimum password length
- Whether to lock a user out after a specified number of unsuccessful attempts.
User accounts
Within Sage 300 itself, you can set various authorisation levels.
When creating a user account, you can specify whether the user is required to change password when next accessing the application as well as restrict usage to within specified days and times.
Security Groups
Within each Sage 300 module, you can further specify what a user can and cannot do by creating multiple user groups and assigning user accounts to them.
As can be seen from the image above, Sage provides comprehensive control over what a user is and is not allowed to do within a particular module.
User authorisations
Once you have setup the security groups, you can then assign these to users on a per module basis.
In this case the in the Accounts Payable module, each user has been assigned permissions that have been setup for their respective roles within the organisation.
In the first image, the user has full access, whereas in the second, access is limited
Similarly, you can setup security groups for users at other levels and control functions like posting, deleting, etc.
