Table of Contents


Configuring Field Security and List Views for Entities

Field Security and List View configurations provide granular control over what users can see and do within entity records. These settings work within the broader Security Role permissions to hide sensitive data and control user interface capabilities.

Understanding Field Security

How Field Security Works

Field Security operates within entity-level permissions to provide additional data protection:

  • Users can still see the record if they have entity Read permissions
  • Specific fields are hidden based on Field Security configuration
  • Works consistently across Employee, Partner, and Customer Security Role types
  • Complements entity permissions rather than overriding them

Common Field Security Use Cases

  • Hide sensitive data that users don't need to access (SSN, salary information, internal notes)
  • Protect personally identifiable information (PII) for compliance requirements
  • Control role-based information access (partners see different data than customers)
  • Secure confidential business data (pricing, margins, strategic information)

Requirements

To configure Field Security and List Views, you must have:

  • Administrator System Role permissions

Configuring Field Security and List Views

Accessing Configuration

  1. Navigate to the Setup Home page
  2. Click Security > Security Roles
  3. Click the Security Role you want to configure
  4. In the All Entities tab, find the target Entity
  5. Click Change next to the entity

Field Security Configuration

Purpose: Hide sensitive fields from users while maintaining record access.

  1. Select the Field Security tab
  2. Configure permissions for each field:
    • Read: Users can view the field content
    • Edit: Users can modify the field content
    • Neither checked: Field is completely hidden from the user

Important Limitation: Field Security cannot be applied to fields marked as required. Required fields will always be visible to users who have entity access, regardless of Field Security settings.

Field Security Strategy

  • Start Restrictive: Begin with minimal field access and expand as needed
  • Sensitive Data Priority: Focus on fields containing confidential or personal information
  • Role Alignment: Ensure field access aligns with job function and business needs
  • Compliance Considerations: Consider regulatory requirements for data access

List View Settings Configuration

Purpose: Control how users interact with entity record lists and data export capabilities.

  1. Select the List View Settings tab
  2. Configure user capabilities:

View Management

  • Hide Views: Users cannot access List Views for this entity
    • Use case: Completely restrict entity list access while maintaining individual record access
  • Create Views: Users can create custom List Views
    • Use case: Allow users to organize data according to their workflow needs
  • Edit All Views: Users can edit other users' List Views
    • Use case: Enable collaborative view management or administrative control

Interface Controls

  • Enable Column Selection: Users can choose which columns appear during List View creation
    • Use case: Allow customization while respecting Field Security restrictions
  • Export to Excel: Users can export List View data as spreadsheet files
    • Use case: Enable data analysis and reporting capabilities
  • Export to PDF: Users can export List View data as PDF files
    • Use case: Provide formatted reports for presentations or documentation

Document Library Folder Settings

Purpose: Control file management capabilities within the Document Library module.

  1. Select the Folder Settings tab
  2. Configure document and folder management:
    • File Type Restrictions: Limit which file types can be uploaded to the portal
    • Root Folder Creation: Control permissions to create new folders at the root level

Document Library Integration

  • These settings specifically relate to the Document Library module
  • Control both file upload restrictions and folder organization capabilities
  • Work in conjunction with Document Library sharing permissions configured elsewhere

Strategic Implementation Guidelines

Field Security Best Practices

Security by Design

  • Default Deny: Start with fields hidden and explicitly grant access as needed
  • Role-Based Planning: Map field access requirements to business roles and functions
  • Sensitive Data Inventory: Identify and classify sensitive fields before configuration
  • Regular Review: Audit field access periodically to ensure continued appropriateness

Implementation Strategy

  • Test with Sample Data: Use non-production data to validate field hiding works correctly
  • User Training: Inform users about field restrictions to prevent confusion
  • Documentation: Maintain records of why specific fields are restricted for each role

List View Permission Strategy

Productivity vs Control Balance

  • Create Views: Generally enable for users who work extensively with entity data
  • Edit All Views: Reserve for administrative or supervisory roles
  • Export Capabilities: Enable based on business needs and data sensitivity
  • Column Selection: Usually enable unless field security concerns require restriction

Export Security Considerations

  • Data Leakage Prevention: Consider whether export capabilities align with data protection policies
  • Audit Requirements: Some organizations need to track data exports for compliance
  • Field Security Integration: Ensure exported data respects Field Security restrictions

Integration with Overall Security Strategy

Relationship to Entity Permissions

Field Security works within the framework established by:

  • Entity-level Read/Write permissions determine basic record access
  • Account/Contact associations filter which records are visible (Partner/Customer roles)
  • Field Security provides additional granular control within accessible records

User Experience Considerations

  • Transparent Operation: Users see records normally but with specific fields hidden
  • Interface Consistency: Field Security integrates seamlessly with standard interfaces
  • No Error Messages: Missing fields don't generate errors, they simply don't appear

Module Integration

Field Security and List View settings apply across all Magentrix modules that display entity data:

  • Standard Entity Views: Field restrictions apply in all record detail pages
  • Module-Specific Displays: Field Security respected in specialized module interfaces
  • Reporting and Analytics: Field restrictions carry through to reports and data analysis

Testing and Validation

Field Security Testing

  1. Create Test Users: Set up users with the configured Security Role
  2. Record Access Validation: Confirm users can access records but not restricted fields
  3. Interface Testing: Verify fields are properly hidden across all relevant interfaces
  4. Export Testing: Ensure exported data respects field restrictions

List View Testing

  1. View Creation: Test user ability to create and customize List Views
  2. Export Functionality: Validate export permissions work correctly and respect Field Security
  3. Sharing Behavior: Test whether users can share views appropriately
  4. Performance Impact: Ensure List View restrictions don't negatively impact system performance

Field Security and List View configurations provide the final layer of access control, enabling precise data protection while maintaining usability within your comprehensive Magentrix security framework.

     

    << Configuring Security Role Permissions | Assigning Record Types To Security Roles >>


    Privacy & Security StatementTerms & Conditions
    Copyright © 2025 by Magentrix Corporation - All rights reserved.
    Powered by Magentrix