The main purpose of Transition Guide is to educate the existing users about the major changes in our new role-based security functionality without any hassles after rolling out the new role-based security functionality.
Target Audience
Existing Customers with more than 3 users (Subscribed for Zoho CRM - Paid Edition)
Partners/Consultants who implement Zoho CRM for their clients
Major Difference
In the existing setup, permissions to access various CRM features and data sharing among the users are managed in Roles module.
In the new security model, permissions to CRM features and the data sharing across the organizational hierarchy are separated.
Standard Settings
Existing Security Model
New Security Model
Roles
Profiles & Roles
Administrator Role
Administrator Profile
CEO Role
Standard User
Standard Profile
CEO Role
User-defined Roles
"User Defined Roles" will be changed to "User Defined Profiles"
Ex: "Sales Role" will become "Sales Profile"
We have 10 roles in our existing setup
10 profiles will be created with the same names and permissions
Some of the roles have "Admin Only can access the data" permission
Profile with the same permissions will be created
"Manager" Role and "User-defined Profile" are assigned to the Users
After transition, users can only access their own data
Some of the roles have "Everyone can view/edit the data" permission
Profile with same permissions that of User defined Role will be created
"CEO Role" and "User defined Profile" are assigned to the Users
After transition, users can access all users' data
Default roles in the existing Zoho CRM service are:
Administrator
Standard User
Default Profiles in new role-based security management are:
Administrator
Standard
Default Roles in new role-based security management are:
CEO
Manager
Read-only option for the fields is available only in the Page Layout Editor across the organization
Facility to change the fields to Read-only access at profile level
Sharing of Custom Views
1. All Users are allowed to view this Custom View
1. All Users are allowed to view this Custom View
2. Show this Custom View only to me
2. Show this Custom View only to me
3. Allow the following users to view this Custom View:
Users
Roles
3. Allow the following users to view this Custom View
Users: Selected users will have access to the custom view
Roles: If you selected the role option, custom view will be shared with all the users related to the particular role (Ex: CEO or Manager role).
Important Note:
After transition, you can change the custom view settings by assigning to:
Users
Roles
Roles & Subordinates
Groups
Sharing of Templates (Email/Inventory) Folders
Show to All
No Change
Show to me
No Change
Share with Roles
After migration, this option will share the Custom views to all users associated with Role
Sharing of Report Schedulers
Show to All
No Change
Show to me
No Change
Share with Roles
After migration, this option will share the Custom views to all users associated with Role
Sharing of Workflow Alerts
Show to All
No Change
Show to me
No Change
Share with Roles
After migration, this option will share the Custom views to all users associated with Role
Sharing of Dashboards
Show to All
No Change
Show to me
No Change
Share with Roles
After migration, this option will share the Custom views to all users associated with Role
Sharing of Custom Views
Show to All
No Change
Show to me
No Change
Share with Roles
After migration, this option will share the Custom views to all users associated with Role
Managing Users
Existing Model
New Model
Role
Role - Field type changed from drop-down list to Tree structure.
Profile - Field type is drop-down list
Other Mandatory Fields
Zoho CRM ID
Email ID
Last Name
Language
Country Locale
Time Zone
Secret Question
Answer
Other Mandatory Fields (No Changes)
Zoho CRM ID
Email ID
Last Name
Language
Country Locale
Time Zone
Secret Question
Answer
Managing Profiles
Existing Model
New Model
Module Name - Roles
Module Name - Profiles
For managing:
Module-level permissions - Access control to the records, sub-modules, various tools
Sharing of the actual data among users
For managing:
Only module-level permissions - Access control to the records, sub-modules, various tools
Data-level sharing is controlled separately in "Roles" & "Data Sharing Rules" modules.
Module-level permissions:
Create Records
Edit Records
Delete Records
Tab Visibility - managed in separate page
Module-level permissions:
Tab visibility
View records
Create Records
Edit Records
Delete Records
Sub module-level permissions:
Reports & Dashboards
Import & Export
Mass Transfer/Update/Delete
General Permissions
Sub module-level permissions:
Reports & Dashboards
Import & Export
Mass Transfer/Update/Delete
General Permissions
Admin Permissions
Field-level permissions:
Select Role
Select Module
Field Visibility
Field-level permissions:
Select Profile
Select Module
Field Visibility
Read-only option
Managing Roles
Existing Model
New Model
Partially Available
Available
Data can be shared with:
All users
Users with Administrator role
Data can be shared with users according to their role in the organization hierarchy (role hierarchy will control the data visibility to the users)
In addition, you can share data with roles, roles & subordinates, and groups using the Data sharing rules.
Managing Groups
Existing Model
New Model
Not Available
Available
CRM Records can be shared with groups.
CRM Records can not be assigned to a particular group.
Group Members Include:
Users
Roles
Roles & Subordinates
Sub-groups
You can assign the following Zoho CRM functions to groups/sub-groups:
Custom Views
Workflow Alerts
Email Template Folders
Inventory Template Folders
Report Folders
Dashboards
Data Sharing Rules
Existing Model
New Model
Not Available
Available
1. Types of Global Permissions:
Private
Public Read/Write/Delete
2. Data can be shared with Users, Roles, Roles & Subordinates, and Groups
If the Global Permission is set as Public Read/Write/Delete all the roles in your organization can see the other roles data irrespective of their hierarchy.
With the Global access permission is set as Private, users can access only own and sub-ordinates data.
If the Global access permission is set as Private you can extend the access to records by using "data sharing rules".
Data can be shared among groups only by setting up Sharing Rules.
Whenever updating (create/edit/delete) the Sharing rules, you must use the Recalculate function to apply the changes. Otherwise modified sharing rules will not be applied.
Field-level Security
Existing Model
New Model
Mandatory Fields
Role drop-down list
Module drop-down list
Mandatory Fields
Profile drop-down list
Module drop-down list
Field Name
Field Visibility
Field Name
Field Visibility
Read Only New
If you set read-only option for a particular field in the page layout customization, the field will have read-only access for all profiles.
For example, if the Amount field in potentials module is set as read-only, after transition, all the profiles will have read-only access for Amount.
2 Comments
Tim Mancuso, 245 - days ago
Great work here Gopal & Team! Kudos to you all, and Thank You! TM
Lukas, 70 - days ago
Exept the login and password is there additional safeguard access to ZOHO CRM ?
Is it possible to authorize only the physical computer to access or specify IP from which I can log in to Zoho CRM?
Is it possible to force automatic periodic changethe password access to Zoho CRM ?
Great work here Gopal & Team!
Kudos to you all, and Thank You!
TM
Exept the login and password is there additional safeguard access to ZOHO CRM ?
Is it possible to authorize only the physical computer to access or specify IP from which I can log in to Zoho CRM?
Is it possible to force automatic periodic changethe password access to Zoho CRM ?