12 results found
-
Reports Permission: Full Access & De-Linking Scheduling Reports
The new Reports permission, Full Access, allows someone to delete anyone's custom reports. That should be isolated to Admins, since that's dangerous. However, without this permission, no one can schedule their own report. That's not dangerous, and I would like to give that to most anyone. Can we de-link scheduling reports from the Full Access permission?
9 votes -
Create Fund Advisor Login (for Legacy Portal) from "Fund Advisor" record
Only staff members with full "Manage Login Info/Login As" permissions on the Profile can fully set up a new "Fund Advisor" record through to the "Send Login Email" step.
Having "Manage Login Info/Login As" means the employee can reset ANY staff member's password - which means they can take over any account in CSuite. This is essentially the MOST critical security authorization available.
We will not give our fundraising staff this level of access, but it means that all new Fund Advisor setups must run through one of our primary site administrators rather than be managed by our fundraisers.
There…
9 votes -
Add Proxy Information in System Log when Login As is used - Audit Purposes
When I login as another CSuite User and then make an update, the system log shows the action was made by the CSuite User, not by me proxied in as the CSuite user. Is there any way for you to record in the system log when an action has been completed by someone else proxied in as the user? We feel this is critical for audit purposes.
5 votes -
Security Issue: Inactivating a User
We have a security issue that I hope can be addressed. We need to give someone the ability to inactivate a user without giving them extensive access throughout CSuite. This is necessary for immediate off-boarding. Right now, the only way to provide the ability to inactivate someone is to give them Edit permission on Users. Once you have that permission, you can add anyone to groups, sufficient enough to give almost anyone system-wide permissions. That’s sensitive and dangerous. We just want to give someone the ability to do user maintenance functions, such as resetting a password, unlocking a user, or…
11 votes -
Profile Permissions: Separate "Manage Login Info" from "Login As"
As the legacy portal end date nears, we continue to be bothered by the fact that the "Manage Login Info" and the "Login As" permissions are combined for the new portal, especially as it relates to Fund Advisors.
For our operation, the same people who support fund advisors through the Login As feature are NOT the same people who Edit the fund advisors' login, NOR manage a fund advisor's password (set or change), NOR Link an Organization or Individual to the Fund Advisor.
We require these permissions to be separated.
2 votes -
Permission for Cancelling/Writing Off a Pledge.
Need to be able to determine who can cancel/write-off a pledge or pledge payment. Currently there is not a separate permission in pledges where you can determine what users can write-off or cancel a pledge.
3 votes -
Fund Advisor Log - Display User name in log for reset password - not Fund Advisor
When a fund advisor password is reset, the Log shows the fund advisors name in 'User' field and not the staff person's name who reset the password. 'User' should always reflect the staff member.
7 votes -
Custom Field permission by record type
It would add so much to our internal workflow if permissions allowed us to specify access to custom fields on each record type. For example, we track succession plans as a custom field on the fund record. Our fund liaisons want to be able to edit those selections if/when a fundholder changes them. However we cannot give them access to edit the custom field on the fund record without them having full access to edit a fund record (which we do not want).
Making it possible to edit only custom fields on record types would decrease the # of internal…
28 votes -
Notification for Admin Login
We have split out the admin access from the responsible employee's normal user (they have two user accounts). Since there is no reason for them to be in the admin user except to change permissions or add users, they should not be using it regularly as they could easily override all controls with the admin access. Is there a way that you could notify specific users when admin accounts have had a login?
2 votes -
Table/Field Level Permissions/Security
Requirements include:
The system supports the setup of table and field level security for groups or individual
The system supports the setup of access security to attachments to defined actions1 vote -
Separate Unlink Fund Profile from Delete Profile Permission
In our organization, the group responsible for managing fund profile relationships is not the same as those who are responsible for deleting profiles. However, the Delete Profile permission is required in order to unlink a profile from a fund. We need these permissions separated.
15 votes -
Sandbox Permissions
When training new staff, we like to give them full permissions in the sandbox site so they can access everything and more easily see how their role fits in with other parts of our processes. However, every time we sync the sandbox site, these permissions are overwritten by our staff's more limited permissions in the live site. It would be great if there was a setting that would allow us to keep full permissions in the sandbox site even after syncing it. Thanks for considering!
25 votes
- Don't see your idea?