In order to bring you the best possible user experience, this site uses Javascript. If you are seeing this message, it is likely that the Javascript option in your browser is disabled. For optimal viewing of this site, please ensure that Javascript is enabled for your browser.
Login  |   Cloud ERP  |   Home  |   qad.com



  •     QAD Glossary

  • Security Overview
    Security options are available on several levels, based on information defined in user master records.
    Two types of security are enforced at log-in:
    Log-in security determines whether a user can log in to a session. This level of security is always active and requires that users specify a valid user ID and password before they can log in.
    Optionally, system administrators can choose to bypass log-in security and automatically log in valid users based on operating system-level access.
    Note: You also should consider additional access security options at the operating-system and Progress levels. See Operating System and Progress Security.
    Domain security limits individual user access to specific domains identified in User Maintenance. Users are limited to authorized domains at log-in. Additionally, the system controls domain access when the user runs Change Current Domain (36.10.13), as well as certain programs that can display or update records from multiple domains.
    Other security methods are based on what action the user is attempting within the system. Individual programs let you control access based on individual user IDs and/or user groups:
    Menu security (36.3.10) limits access to menus and menu functions.
    Field security (36.3.19) limits who can update specific fields.
    Entity security (36.3.13) limits who can create GL transactions for a particular entity.
    Site security (36.3.15) limits who can create inventory transactions at secured sites.
    General ledger (GL) account security (36.3.9) restricts access to GL accounts.
    Inventory movement security (36.3.17) lets you grant or deny group members access to shippers and other transactions using specific movement codes at a site.
    Note: If you use the Sales and Use Tax Interface (SUTI) to communicate tax data with Vertex’s Quantum for Sales and Use Tax product, set up similar access controls in Tax Interface Control (36.5.3.24).
    See Technical Reference: Sales and Use Tax for information on SUTI.
    Types of Security illustrates how several different kinds of security can operate at the same time with the same user.

    Types of Security
    Security functions use user IDs and groups for system elements controlled by menu, site, entity, and so on. The security maintenance function creates a record that pairs a field or function and user IDs or user groups.
    For menu security, site security, GL account security, and inventory movement code security, specify any combination of user IDs or user group names.
    For entity and field security, specify user IDs.
    For domain security, grant each individual user access in User Maintenance.
    When a user tries to do something that is controlled by security, the system compares the security records with the ID and groups associated with the current user. If there is a match, the system grants or limits the user’s actions accordingly.
    Additional access control features are provide by the QAD .NET and QAD Desktop user interfaces. See the user guides for those interfaces for information.
    Important: The various security controls are primarily effective within a user session. The database should be protected from any unauthorized access, not just access from within an application session. Additional controls should be considered to prevent compromise of application data using other means. See Operating System and Progress Security.