Security Types Overview
To assign security rights to a group, you mark a series of checkboxes. For some areas of the program such as Records, you can assign separate view, add, edit, and delete rights. For other areas such as Query, you can only grant or deny access to an entire module. All checkboxes default to marked (granting access) except the system security options: Security by Constituency, Gift Security by Fund, and Notepad Security by Type.
See How to set up security
for additional information.
You can assign view, add, edit, and delete rights for all record types. For example, you may want to give a group rights to view constituent records, but not to edit financial institution information, notes, or any other parts of the constituent record. You can assign field level security for several fields on the constituent record.
To define query security, you can mark or unmark a single checkbox that gives or denies all rights (view, add, edit, and delete) to Query. If you deny rights, users can still select queries in other areas of the program and run output and exception queries in reports. However, they cannot add new queries. System level security affects query results. (Note Run and modify rights are set directly on a query
To define export security, you can mark or unmark a single checkbox that gives or denies all rights to Export.
Rights to run reports are defined on two levels. You can assign rights by report type and more specifically by report name. For example, if you deny rights to analytical reports, a group cannot run any of them. However, you can grant rights to run analytical reports and deny rights to individual reports such as the Top Donors Report or LYBUNT Report. Records rights do not affect report rights. If a user has rights to a report, she has access to all records on that report. However, system level security by constituent code, notepad, or fund does affect the data that displays in reports.
You can define rights to run mailings by mailing types and more specifically by mailing functions. For example, if you deny rights to letters, the group cannot run any letters in the program. However, you can assign rights to run letters and still deny rights to individual letters such as Donor Acknowledgement letters and Follow Up letters. Records rights do not affect mailing options. If a user has rights to a mailing type, he has rights to all information included in that mailing. As with reports, system level security affects constituent and gift information in mailings.
You can assign rights to create, edit, delete, and commit batches. For example, you may want to grant a group rights to create and edit batches, but not to delete them. Security by Constituency and Gift Security by Fund affect which constituents and gifts are included in batches. In Batch security, you can also assign rights to access Electronic Funds Transfer for electronic funds transfers.
To assign rights for each administrative function, including data import, global add, and global delete, you can mark or unmark a checkbox that gives or denies rights. Because so many of these functions have wide ranging implications, we recommend you limit rights to only experienced users.
To assign rights for each area of configuration, you can mark or unmark a checkbox that grants or denies rights. Rights to the Fields link of Configuration are automatically available only to users with Supervisor security rights. We recommend you limit rights to most functions to several key users.
Fields with a down arrow to the right, such as Constituent code and School name, are code tables. When you click the down arrow, you can select from a list of entries. Tables add consistency to your data entry. You can assign rights to add, edit, and delete entries for each table in The Raiser’s Edge. To keep your table entries consistent and manageable, we recommend you limit rights to add or change code table entries to several key users.
You can specify whether social security numbers and bank account numbers are masked or visible to users.
Security by Constituency Code
You can use using inclusion and exclusion criteria to define the constituent records to which a group has access. For example, you can use inclusion to grant a group rights to only those records that contain the code Friend and you can use exclusion to deny a group rights to any constituent record containing the code Trustee. If you restrict rights to a particular code, the user cannot assign the code to any record. If both inclusion and exclusion rights are set up for the same group, exclusion rights always take precedence over inclusion rights.
Gift Security by Fund
You can limit the ability of a group to access gifts given to particular funds. For example, if you deny access to gifts given to your Major Donor Annual fund, these gifts do not appear on reports, queries, or data entry records.
Security by Notepad Type
You can limit view and edit rights to selected notepad types. This can be useful if you keep sensitive information in a notepad. For example, you can grant view rights to a notepad type named “Director’s Notes” to only the Director and Assistant Director.
To define Dashboard security, you can mark or unmark a single checkbox that gives or denies rights to Dashboard.
To define security for installing samples, you can mark or unmark a single checkbox that gives or denies rights to all samples. Sample queries, exports, custom reports, business rules, and more are available for installation when you select Tools, Install Samples from the shell menu bar.
Proposal Security by Purpose
You can limit the ability of a group to access proposal records based on the purpose for which the proposals are targeted. For example, you may have a purpose of “Major Gift” for which you want to limit access. If you deny access to proposals with a purpose of Major Gift, these proposals do not appear on reports, queries, or data entry records for a security group.
Data Health Center
To define Data Health Center security, you can mark or unmark a single checkbox that gives or denies all rights to the Data Health Center.
When you integrate The Raiser’s Edge with Blackbaud NetCommunity, you can specify which information from Blackbaud NetCommunity is available to a group.
Security by Action Type
You can limit view and edit rights to selected action types. This can be useful if you keep sensitive information in an action record. For example, you can grant view rights to an action type named “Advocacy” to only the Advocacy Director and Assistant Director.
Note: Some options may not be available if your organization does not have all modules, such as the Proposal Security by Purpose if the RE:Search or Prospect module is not available.