Security Settings
Security in BigTime is managed with a set of user "roles" that we call "security groups." Those roles work just like a set of keys: permitting any user that has them access to various areas within the program that are "locked out" to anyone missing the key. Granting a user a specific security role is like handing them a set of keys. Revoking that role is like taking the keys back.
Basic Security Groups
BigTime ships out of the box with six security groups: System Administrators, Everyone, Directors, Sales, Project Managers and Outside Contractors. Each of these groups has been granted a set of default permissions, so you can think of each group as a specific key ring. Some of the keys are duplicates (e.g. - the same key is on the "Director" ring and on the "Project Manager" ring), but you need to give the right key ring to the right people in your organization in order to let them into the areas of BigTime they are supposed to have access to.
The System Administrator Role
By default, each new user you add to the system is a member of the "everyone" group. That group has rights to the Daily Routine menu and a few specific personal reports, but that's it. The only exception to this rule is the initial "administrative" user that you created when you installed the system. This person get the "system administrator" key ring right from the start.
BigTime's Standard Security Groups
Rather than explain what rights have been granted to each of the standard security groups in the system, here's a quick overview of what each of these groups is typically used for:
- Everyone. The everyone group is the default set of user permissions. It allows users access to the Daily Routine menu and a few "personal" reports, but that's it. These users can't review/approve time, edit project budgets or even add new projects to the system. Their role is strictly data entry.
- System Administrator. This group is the opposite end of the spectrum from the Everyone group. Members of this group have access to all of BigTime's screens. By default, only the admin user created during setup is assigned to this group, but you can add other members as needed.
- Directors. Directors is a group that was designed for your management team. Members of this group have access to the Management menu (so they can see project and staff lists, review/approve time or expenses, drill down into time/expense history for the projects they manage, create and maintain budgets, etc.) as well as the full set of reports from the standard BigTime report list.
- Project Managers. This is a slightly more restrictive version of the Director group. Users in this group have access to the screens that would allow them to create/manage budgets and task lists, but not to contract information. They don't have access to staff lists, cannot approve/reject timesheet submissions and aren't allowed to add/delete projects or staff.
- Sales. This is a specialized team that has access to the sales pipeline area of the Management menu.
- Outside Contractors. By default, this group is even more restricted that the Everyone group. They are only allowed to enter time/expenses on projects they are staffed on and have limited access to the daily routine menu. For many firms, this is a convenient way to grant a different set of permissions to their full time vs. contract employees.
For more information on how to adjust the specific permissions granted to each of these groups (or to add your own set of security groups), take a look at Granting User Rights (below).
Granting User Rights
Granting a user membership in a specific security group is simple. You'll need to login to BigTime as a system administrator in order to follow these steps:
- From the Management menu, select the Staff List menu item.
- Click on the name of the staff member you'd like to edit. You'll see that staff member's detailed information screen.
- Select the Management Info link from the information box on this page.
- This page contains a panel for setting/revoking system permissions (if that section isn't expanded so that you can see the controls within it, click the expand arrow in the section's heading).
- Click on the check box controls to turn on/off security settings. A green check indicates an security group that you've granted to this user, and a red x indicates a group you've revoked.
Note that a user's permissions are based on the collective rights of all the permission sets they belong to. It's just like a set of keys: if a key exists on ANY of the key rings the user is given, then they have access to that area of BigTime.
- Click the SAVE button to save your changes. This employee is now a member of the System Administrators group. They'll need to logout of BigTime (if they are currently logged in) in order for the changes you make here to take effect.