The following PPM components can be secured:
- Data: All data (cells) get their security from items and portfolios or from categories. Data security can also be defined at the cell level.
- Objects: all properties of objects can be secured. You can set security in the security tab in the object's wizard, and security may be inherited from the object's home folder/portfolio.
- Components: components get their security settings from other objects. Some components can have their own additional security properties settings (for example, deliverables), while others only inherit their security from other objects (for example, versions). The following components can be secured:
- Workbooks:
Dependencies, item life-cycles, and item phases inherit their security from the item's properties permissions.
Links and contacts inherit from items' workbook permissions, but do not have their own security tab.
Sub-items, deliverables, action items, and documents inherit the item's workbook permissions, and have their own security tab. Security for a sub-item is determined by the security settings of the manager of the item or portfolio in which the sub-item is found and not by the manager of the sub-item itself.
- Portfolios:
Versions, goals, and snapshots inherit their security from portfolio properties permissions.
- Forms and Dashboards:
Transfer tools inherit their security from the form or dashboard tab in which it is defined.
- Functions: users get access to Functions from the category.
- Workbooks:
Operations that access data in the system, such as running functions, running queries, or importing packages, are also secured. To run such operations, you need appropriate security permissions. By default, such operations access data in the system with the same security permissions as the user who runs them. If you are running an operation and your permissions are not appropriate for the task, you will want to limit or expand the operation's access to data. To do so, you can use the login name and password of a user that has the desired permissions.
Some operations can be set and then run automatically when a system or scheduled event triggers them. Such operations also run with the permissions of the user who sets them, or the permissions of someone who the user specified.
System configuration data is listed in the Admin dialog box. You can secure system configuration data by restricting who can access the Admin dialog box.