Security in Opentaps

  Security in Opentaps

Opentaps is basically open source ERP+CRM. It has been designed for business operations,management and enterprise, so it is extremely important that Opentaps should be secure and reliable. Opentaps system security is controlled at different levels.Following points are mandatory for users:

The user can gain access to it through an unique ID and password, which should never be shared and allocate to other user because security reasons.

The access provided to users is restricted within business processes and is controlled by permissions assigned for each functional operations throughout the system.

The group of permissions is called Security groups, which are used together so that these can be assigned to user as needed.Since the opentaps system is concerned with executing and recording the enterprise business processes and associated task, access to the process execution is managed by “security groups” having specific “permissions” for each sub-process. This allows for fine grained access control to the processes for those users who are assigned to use them. Security Groups can be assigned in the Party Manager User Profile. They can also be edited, and created to suit specific business needs. The User Login is linked to the relevant security groups. When the User Login is granted only by the Security Groups required for that person’s job and the roles they play in the company’s business processes then the security exposures are minimized. When the User is ready to login to the system they will only be presented with access to the authorized areas of the system. For example, if the User is an supplier handling user who works with purchasing only, they will need the Security Group called PURCH_SUPPLIER_GROUP. To see permissions included in this group look at Party Manager – Security – PURCH_SUPPLIER_GROUP — Permissions which shows the permissions for this group.

The steps within each operations are recorded to the database only when completed successfully. If any ambiguity is occur the steps are not recorded. Ambiguities are reported to the Users immediately.

The database into which all system task and statistics are recorded is made secure and accessible only by the specific opentaps system belonging to your company.

The Opentaps implements transmissions of all system operations and statistics using encryption before publicized to the internet when so configured.    

                Security permissions for users

                
Some security permissions for opentaps users are:

• FULL_ADMIN: This security permission provides full administratve rights, including setting up new users and changing of passwords for any party.It has access to both the database and the backend services. For access to certain applications such as CRM, FINANCIALS, PURCHASING, and WAREHOUSE, permissions will still be needed.
• CSR, CSR_B2C, SALES_REP, SALES_REP_LIMITED, SALES_MANAGER: These are the security permissions to access the CRM application at different levels. CSR and CSR_B2C are used for access to the maintenance of the customer records and the sales orders, SALES_REP gets the permission to access customer records with more sales force automation capabilities, whwereas SALES_REP_LIMITED get the view only access to the customer records. SALES_MANAGER gets the access to set up sales teams, view reports and can also decativate accounts.
• FINANCIALS_ADMIN : These permisssions provide access at different levels to the financial applications ranging from FINANCIAL_ADMINS having full comprehensive permissions for the entire applications to FINANCIALS_AR and FINANCIAL_AP having specific and limited permissions.
• PRCH_MANAGER:  Purchasing manager have all priviledge in the purchasing application, including approving purchase orders.
• PRCH_MFG_VIEW: The purchasing clerk has more limited permissions to the purchasing application. These users can only basic permission to view the Manufacturing.
• WRHS_ADMIN: This provides the access to all parts of the warehouse applications,including creation of the warehouses.
• WRHS_SHIPPER, WRHS_USER, WRHS_MANAGER: These permissions are set up by the Warehouse administrator and in the warehouses wherethe useris given these permissions, the shipper can access the shipping operations and the manager can access all the operations.
• CATALOG_ADMIN: Catalog administrator have all priviledge for the catalog application, for creating products and their prices, and purchasing information for the products.
• PARTYMGR_ADMIN: These permissions give access to the administration of other users in the party application but not to the other administrative applications.
• ACCOUNTING_ADMIN: These users have priviledge for all operations in the Accounting Manager.