Levels of customer authorization

Access to all customer-level information

You can authorize members of a security group to access all customer-level information. Users with this level of customer authorization can access information that is associated with any customer and any customer-level information that is not associated with a customer.

For example, the director of operations for a service provider is responsible for all maintenance activities for all customers of the service provider and requires access to all customer agreements and transactions. The director of operations belongs to a security group that is authorized to access all customer level information.

Access to customer-level information that is not associated with a customer

You can authorize a security group to access only unrestricted customer-level information. Users with this level of customer authorization can access all information that is not associated with a customer.

For example, Best Services provide grounds, tarmac, and janitorial services and leases certain aircraft or equipment pieces of equipment to customers. Best Services leases fire extinguishers to all of its customers, so no customers are associated with those pieces of equipmentaircraft or equipment. A technician is responsible for checking all of the fire extinguishers on behalf of Best Services. The technician is in security group with access to unrestricted customer level information to view the details on Best Service owned fire extinguishers and not on customer owned aircraft or equipmentpieces of equipment.

Access to information only about the employer of a user

A security group can allow its users access to customer-level information about the employer of a user only. Users in a group with this level of customer authorization can access customer-level information only for the company in the Customer/Vendor field on their person record in the People application. They typically are employees of a service provider's customers, and have limited access to data and applications. These users typically are restricted to using only the Self-Service applications and the Bill Review application.

Users with this level of customer authorization cannot access unrestricted customer-level information, except for unrestricted classifications and attributes.

For example, an agent is assigned to evaluate Best Services bills for a customer and provide feedback before they are sent. The user's person record in the People application specifies the name of the employer in the Customer/Vendor field. The agent belongs to a security group that has access to information about a user's employer. As a result, agent can have limited access to data and applications for employer and cannot view customer level information for any other customers of Best Services. Moreover, agent cannot view any customer level information that is not associated with a customer, except for unrestricted classifications and attributes.

Access to information only about an assigned customer list for the user

A security group can be authorized so that its users can access information about all of their assigned customers. A security group user can access customer level information of all customers who are listed in the Customer Access List table on the Customer Access tab in the People application. Users also can access all information that is not associated with a customer.

An administrator can change the customers on the agent's customer access list so that agent can work with a different list of customers. Administrator can do so without creating security profile for that agent.

For example, a customer service agent is assigned to support two customers who are listed in the customer access list on person record. The agent belongs to a security group with access to any customer on the user's customer access list. As a result, agent can view all customer-level information for these two companies.

As coworker is absent, the agent must also handle calls from a third customer for that day. Agent's service desk manager has access to all companies in the group. Without changing the security profile, manager opens the People application and adds the third customer to the agent's customer access list. Agent can now work with all three companies in that shift. Only service desk manager can remove the third customer from agent's customer access list at the end of the shift.

Access to information about specific customers

You can authorize a security group so that its users can access information about specific customer. This level of authorization enables a user to access all customer-level information for all of the customers who are listed in the Individual Customer Authorization list for the security group.

Users also can access all information that is not associated with a customer.

For example, members of a group of service desk agents for Best Services are responsible for two customers each. However, they need to be able to provide service to any of the customers that the group supports. The security group for the agents lists all of the supported customers in the Individual Customer Authorization list. If any agents are not available, another agent can provide service for their customers as needed.