Configuring Security

Objectives

After completing this lesson, you will be able to:
  • Create a Security Group
  • Create a User and Assign them to a Group
  • Configure Password Policies for a User

Create a Security Group

As with any application, security is of key importance to ensure only the right users have access to your organization’s sensitive data. APM security management allows you to control user access to all aspects of the system, including portals, forms, individual fields, actions, and other system features.

As an example, consider the image below. Alexander Smith is an administrator, and has access to all four portals: Manager, Integration, Administration, and Credentialing. Deborah Willis is a producer, and only has access to the Credentialing portal, where she can only view her own licenses and appointments.

The features of security management in APM include the following:

  • Using Security Groups, you can configure access to forms, fields, actions, and system features for specific sets of users.
  • User Management allows you to create and manage users, as well as their authentication and authorization in the application.
  • Password Policies allow you to configure a password policy to define constraints and requirements for passwords and password maintenance.
  • The Data Protection and Privacy capability allows you to configure fields as personal and sensitive data fields, and block data, if needed.
  • APM also includes an Auditing capability to audit every add, update, and delete made by a user, as well as all successful and failed user login attempts.

Security Groups

1. From the Administrator portal, select Security – Security Groups.

2. Click Create +.

3. Enter a unique Security Group ID and Full Name.

4. Select a Portal.

5. Select Save.

Using Security Groups to Manage Access to Forms and Fields

APM has many different types of users, ranging from administrators with full access to the system to individual agents or payees who can see a limited view of their own data. Displaying the system in different ways for different types of users can be managed using the security groups we created earlier. Some of the many ways security groups can manage user access include:

  • Hide or display forms
  • Make a form read-only
  • Hide an action, such as Save or Activate
  • Hide or mask a specific field

Each security group is associated with a portal, such as Manager, Integration, or Administrator.

Creating Users

Once your security groups are set up, create at least one (preferably two) administrative users with full access to the system. Users in the context of Agent Performance Management are the individuals who use the system. This is in contrast to Producers, who are added in the Producers portal.

To create a user:

  • From the Administrator portal, select Security – Users.
  • Select Create.
  • Enter the user’s full name and User ID.
  • Enter the user’s email address.
  • Optionally, select an effective date, default language, or other user information.
  • Select an authorization type. In this case, we will use LDAP.
  • Scroll to the Portal Access section and select the portals to which the user should have access.
  • For each portal, select the Security Group ID that grants access to the portal.
  • Select Save.
  • Select Activate.

Exercise: Create a Security Group and User

Business Example:

In this exercise, you will create a new security group and a new user.

ExerciseStart Exercise

ExerciseStart Exercise

Steps

  1. Create a Security Group.

    1. From the Administrator portal, select Security – Configuration – Security Groups.

    2. Select (+).

    3. Enter the Security Group ID MgrDefault.

    4. Enter the Full Name Manager Default.

    5. Set the Portal ID to Manager.

    6. Select Save.

  2. Create a new user.

    1. From the Administrator portal, select Security – Users - Users.

    2. Select Add (+).

    3. Enter the following information for the new user:

      • Name: Alexander Smith
      • User ID: asmith
      • Effective: 1/1/2024
      • Contact email: asmith@safecareinsurance.com
      • User time zone: US/Eastern Time (ET)

    4. Scroll down to the Authorization section and set the Authentication Type to LDAP.

  3. Assign the new user to the Manager portal using the access granted by the new security group.

    1. Scroll down to the Portal Access section.

    2. Select the Manager checkbox.

    3. In the SecGroupID field, select MySecurityGroup.

    4. Optionally, select the Integration, Credentialing, and Administrator checkboxes. Select any SecGroupID as shown in the image below.

    5. Select Save.

Password Policies

Password Policies define constraints and requirements for passwords and password maintenance. Some of the items that can be configured in the password policy include:

  • Maximum password length
  • Password expiration rules; for example, passwords must be changed every 60 days.
  • The password duplication cycle sets the number of cycles for which a password can be reused.
  • Maximum failed login attempts

Password policies can be set under Administrator → Security → Security Configuration.

Log in to track your progress & complete quizzes

Learning

SAP FacebookSAP YoutubeSAP LinkedIn