Editing the Global security policy

If you can implement the security strategy for your organization with one security policy, use the Global security policy as your single policy.

About this task

In most cases, you do not change the default permissions for the supplied Plan Administrator and Plan User system roles. Instead, you add new security policy roles to implement your security goals.

Procedure

  1. Select Settings > Plan Settings > Security Policy Settings > Global.
    The Properties for <security policy> page displays.
  2. Add a security role:
    1. Click Add Another Role.
    2. Enter a Name and Description for the role.

    Repeat these steps for each role you add.

  3. Click Save and Edit Permissions.
    The Permissions for <security policy> page displays. This page contains a table interface so that you can grant or block access to features for each role.
  4. To configure permissions for objects other than projects and requests, from the Access to list select the marketing object type. Use the check boxes to configure permission settings for each security role. See Security policy permission settings.

    You repeat this procedure for each object type in the Access to list.

  5. To configure project permissions, complete these steps.
    1. From the Access to list, select the Project object type.
    2. In the General section, configure the Add Projects and View Project in the List permissions for each object and security role.
    3. Select a project template. The security policy displays a column for each project role specified for this template on the Project Roles tab in the Team Members section. An access control section displays for each tab in the template.
    4. Configure permissions for each tab in the template, including any custom tabs, for the project, object, and security roles.
    5. Repeat steps c) and d) for each project template.
  6. To configure request permissions, complete these steps.
    1. From the Access to list, select the Request object type.
    2. Configure the Add Requests and View Request in the List permissions for each object and security role.
    3. Select a project template. The security policy displays a column for each project role specified for the template on the Project Roles tab in the Project Request Recipient section. An access control section displays for each tab in the template.
    4. Configure permissions for each tab in the template, including any custom tabs, for the project, object, and security roles. When configuring requests, remember that the permissions you set for the Request Recipient object role must match the permissions for at least one of the roles in the recipient project.
    5. Repeat steps c) and d) for each project template for which you want to configure custom permissions for requests.
  7. For custom marketing object types, be sure to configure permissions for each template.
  8. Click Save and finish.