We are struggling to maintain data privacy. A user can see other user’s data in one way or another in MYOB Advanced. We have collaborated with our solution provider to fix ‘Access Rights by Screen’, however, there is always a loophole where user can see the data.
Latest Example:
User is able to see other user’s data by searching through search bar and navigating to ‘Transaction and Profiles’ option.
+13Assuming you aren’t storing government secrets, could you explain why one user shouldn’t be able to see another user’s transactions?
+19Hello
I think some companies share openly and some are more secretive. It is common for a person with rights to Purchase Orders to see all POs for her company and for a person with rights to Bills and Adjustments screen to see all Bills for his company. (POS and Bills are show above in red.)
To consider: Employee theft is more easily noticed if each can see the other’s work.
Payroll and medical records, Human Resource matters should always be private.
If the company wants each person to see only what he or she entered, in every screen, I think the customizations will get very expensive.
Laura
+7Hello
I think some companies share openly and some are more secretive. It is common for a person with rights to Purchase Orders to see all POs for her company and for a person with rights to Bills and Adjustments screen to see all Bills for his company. (POS and Bills are show above in red.)
To consider: Employee theft is more easily noticed if each can see the other’s work.
Payroll and medical records, Human Resource matters should always be private.
If the company wants each person to see only what he or she entered, in every screen, I think the customizations will get very expensive.
Laura
Couldn’t it be more simple? Can’t you set up restriction groups by accounts and/or subaccounts and place the users within those appropriate memberships? Once there, they can’t see any documents within those accounts, be it invoices, bills, payments, etc.? Just a thought. ;)
-James
+1Hi
Is it personal expense claims and private purchase orders that you’re trying to manage access to?
As people have said above, different businesses have different settings for where they believe data should be private/how much to share internally, often these are in tension with privacy concerns and can come down to company culture as much as legislation.
+19
Couldn’t it be more simple? Can’t you set up restriction groups by accounts and/or subaccounts and place the users within those appropriate memberships? Once there, they can’t see any documents within those accounts, be it invoices, bills, payments, etc.? Just a thought. ;)
-James
Hello James,
You have certainly given us “food for thought”. Restricting by User and Account/Sub might work to hide certain bills or a GL entry, unless there is overlap in which GL accounts the Users need to post to. (Does each user have their own separate list of accounts on the COA? Or their own Subaccount(s)? It’s unusual to have USER be a segment of the subaccount but it might help to hide some transactions. Typically Users are not part of the GL posting structure. Departments and Divisions are highly recommended over individual people, in the GL specifically.)
Your suggestion could work to hide certain documents from view if no employee needs to use accounts and subaccounts that another employee also uses.
Suppose all PO Receipts post a debit to Inventory Asset account and a credit PO Accrual. How would you keep one employee from seeing the others’ PO Receipts? Does each employee have their own Inventory account and their own PO Accrual account? ;-)
Laura
Hi
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
