Customer Engagement & Dynamics CRM Forum

Expand all | Collapse all

Handling Activity Security

  • 1.  Handling Activity Security

    D365UG/CRMUG ALL STAR
    Posted Jul 06, 2020 05:57 PM
    Hey UG - we are curious how other people are handling Activity security in your organization!

    We have 3 business groups who currently set up like this:
    • Parent Business Unit - Access to All records by Parent: Child BU Access
      • Child BU A
      • Child BU B

    The Child Business Units have no visibility up the chain and no visibility to each other. We are looking to open up our security model a bit more to share Accounts and Contacts but we are trying to figure out how much to share Activities. We cannot share access into Activities at the parent level but probably want to share everything a the child level. Plus throwing in some complexity by wanting to keep Opportunities more isolated.

    So we are looking for inspiration! How are you handling these sorts of things?

    ------------------------------
    Kylie Kiser
    Product Owner, CRM
    Ascensus

    www.CRMUG.com/Washington
    KylieKiser.com
    ------------------------------
    The first step toward cloud success. - Migrate from CRM to D365 with expert guidance from Microsoft. I'm Ready


  • 2.  RE: Handling Activity Security

    TOP CONTRIBUTOR
    Posted 29 days ago
    Hi @Kylie Kiser,

    I was hoping to see some ideas here. We did some work with unusual activity security many years ago - I don't remember it well, but it involved some of what you shared and some other unusual requirements like needing to selectively hide only certain activities. It's been so long that I'm not even sure if whatever solution we developed is relevant anymore.

    Happy to do a joint brainstorming exercise with you (and anyone else who might want to participate). We could then share the results together via a session and/or blog.



    ------------------------------
    Geoff Ables, MVP, MCT
    C5 Insight
    www.c5insight.com
    ------------------------------

    The first step toward cloud success. - Migrate from CRM to D365 with expert guidance from Microsoft. I'm Ready


  • 3.  RE: Handling Activity Security

    Posted 29 days ago
    We have a similar solution where if a checkbox is checked then the record is shared with a particular security group. As far as using the security to limit activities displayed across BU, I don't think there is a way to limit specific activities without keeping them all secure and using the share button to share with a Team/User based on my experience.

    ------------------------------
    April Conner
    Senior Business Analyst - CRM Admin
    ICF
    Martinsville VA
    ------------------------------

    The first step toward cloud success. - Migrate from CRM to D365 with expert guidance from Microsoft. I'm Ready


  • 4.  RE: Handling Activity Security

    GOLD CONTRIBUTOR
    Posted 28 days ago
    We also have a similar situation, and are interested in seeing how others have handled this, especially in relation to activities.

    In general, each of our Business units (about 10) correspond to a sales territory/area, and are first level children of the parent BU for the org. We initially had a couple of sub-areas that were children of a territory BU, but that quickly made our heads hurt. Our 'Corporate' users are generally members of the parent BU for the org, with each territory user being a member of it's own child BU. This largely takes care of security for opportunities with each area only able to see their own opportunities. Users that want to collaborate across child BU's will share the opportunity directly with the other users.  The biggest problem we've had - and it's been minor - with this model is that any 'corporate' users need to re-assign an opportunity to a member of the child BU before they can continue working on it.

    The second security component we needed to add was on a set of custom entities - I'll conceptually call it a 'job'.  Each Job is associated with only one child BU, and we wanted to make sure that a member of one BU could not dispatch work to another BU inadvertently. We did this using CRM Teams - we assign all jobs to a team as the owner, and assign the users in the BU, and the corporate users to the team. A couple of our areas are quite close and sometimes share jobs, or fill in while someone is on vacation, and in those scenarios we're able to temporarily assign a user from BU-A as a member of the team for BU-B's jobs.

    Our accounts and contacts are generally shared across all BU's, so we generally assign those to a generic user that everyone has visibility to. We also do some custom filters on the outlook side to make sure that only a subset of contacts get synchronized with outlook.

    ------------------------------
    Jeff Woodard
    Chief Technical Officer
    Transportation Financial Services, Inc.
    West Palm Beach FL
    ------------------------------

    The first step toward cloud success. - Migrate from CRM to D365 with expert guidance from Microsoft. I'm Ready


  • 5.  RE: Handling Activity Security

    D365UG/CRMUG ALL STAR
    Posted 25 days ago
    Thanks All!

    I appreciate all these ideas. I'm hoping to stay away from the sharing approach as I have been down that road before in an old life and it can quickly get out of control. We are hoping to see if we can convince users that the security can be less complex than it currently is. However, I think we will still need to hide Activities related to Opportunities which will add additional complexity.

    ------------------------------
    Kylie Kiser
    Product Owner, CRM
    Ascensus

    www.CRMUG.com/Washington
    KylieKiser.com
    ------------------------------

    The first step toward cloud success. - Migrate from CRM to D365 with expert guidance from Microsoft. I'm Ready


If you've found this thread useful, dive deeper into User Group community content by role