1. Field Service Management
  2. Field Service Management Security Guide
  3. Ongoing FSM User Security
  4. For Administrators

For Administrators

Setting Up New FSM Mobile Users

Only Administrators can set up users for the FSM Mobile app. Confirm that you have mobile licenses available by checking the license count displayed in the Field Service Mobile User box in any employee record.

To set up new FSM Mobile users:

  1. Go to Lists > Employees > Employees.

  2. Find the employee you want to set up as a new FSM mobile user. If the user does not have an employee record, add one. To add a new employee, see Adding an Employee.

  3. Click Edit beside the employee's name to edit the record.

  4. On the Field Service subtab, check the Field Service Mobile User box.

  5. If the email and password fields are empty, add them for the user.

  6. Click Save.

  7. Click Email Mobile Login at the top of the page to send an access link to the new FSM Mobile user.

  8. Let the user know the password securely.

Guidelines for Passwords

By default, users with NetSuite access use the same email and password for FSM Mobile as they do for NetSuite. Users with no NetSuite access need an Administrator to set their password for them. These users cannot change their own password.

Take note of the following guidelines for passwords:

  • When informing users their password, do not send it by email or plain text. Call the user, confirm their identity, and then give the password verbally.

  • Advise users ahead of time how and when you will contact them with their password.

  • Remind users that administrators will never ask them for their current password and that they should never provide their passwords if asked.

  • Remind users to memorize passwords or use a secure password manager—never write them down or save them in plain text files.

  • To follow NIST guidelines, don't require mobile users to change passwords. Only require a change if you have evidence of potential account compromise. This encourages users to choose strong passwords they'll remember.

Roles and Permissions

When configuring access to custom records related to FSM, take note of the following high-risk record types:

  • Field Service Configuration – This record can be used to customize the behavior of the FSM module. This could potentially introduce security issues or change the expected behaviors of the FSM application in a detrimental way. For more information, see Configuring the FSM Module Securely.

  • Field Service Error – This record contains detailed information of FSM errors that have occurred in the account including logs of authentication failures through the mobile application. Creation and modification of these records can also indirectly impact the way certain scheduled FSM processes run, sometimes stopping these processes entirely.

  • Field Service Account – This record controls account-specific information including mobile license numbers and feature toggles. While this record cannot be accessed through the user interface, it can be accessed programmatically by users with appropriate permissions.

Due to the high-risk nature of these record types, only fully-trained staff members should be given access and only if they must have access to complete their work.

FSM Version Updates

When a new FSM version is available, you should upgrade your sandbox account as soon as possible and complete user acceptance testing (UAT) ahead of the scheduled production account upgrade.

If you do not plan to complete UAT, you should still upgrade your sandbox account. Updates to the FSM module may contain security enhancements and leaving your sandbox account on an older version may leave any data within that account vulnerable.

General Notices