17.1  Overview

The Security Box helps to control the following issues:

• Who can login and use 2BizBox?
• What role does the user play in 2BizBox?
• What exactly can this user can do with 2BizBox?

“User,” “Role,” and “Permission” can help to solve these important security questions. 

A User refers to the account to log in 2BizBox system. A User has a username and a password, and must be combined with an Employee ID.

Permission is the definition of an operation that is assigned in the system, e.g. the permission “ADD_CUSTOMER” decides whether a user is allowed to add a customer.

Role is an abstract concept that combines a series of permissions into “Someone” able to perform as a functional position in the company, e.g. a salesman, accountant, etc.

Permission is complicated and different from company to company. In 2BizBox, permission is assigned to very small functions so that businesses are able to assign very fine-grained permissions to each user. Though it is operable, in practical cases, it is not necessary to make such permission assignments because we have preset a few roles according to the module distribution. With these roles integrated with certain permissions, you can flexibly assign roles to a user in a very short time.

Still, you need to pay attention to some special and sensitive permissions such as download drawings, check system diaries, add users, check financial reports and adjust warehouse costs. 

2BizBox records every operation that occurs in the system. With the “Operation Log” function, you can search operations by user and actions, e.g. in case information is leaked, you can track and find out the user who is the source of the leak.