Configuring security roles

You can configure security to restrict user access to specific areas of CCMWeb and the Contact Center Client, YourSite Explorer, and Ignite applications. The following figure shows the security options available under General tab.

For example, if you want to restrict users from accessing Contact Center Client and Enterprise Configuration, then you must create a security role with those characteristics.



You can further configure security options under the specific tabs to restrict access to reports, real time and Interactive Contact Center statistics, Chat, sites, and real-time monitors. These security options often require that appropriate security lists be made.

The following table describes the specific setting options for YourSite Explorer synchronization for security.

Table 1. YourSite Explorer synchronization - security setting options

Option

Description

None

If None is enabled you cannot view or configure Enterprise settings or devices in YourSite Explorer.

Allow Read Access

Allow Read Access enables you to read Enterprise and device configuration settings in YourSite Explorer.

Allow Read/Write Access

Allow Read/Write Access enables you to read Enterprise and device configuration settings in YourSite Explorer and write them to the YourSite database.

Allow Full Control

Allow Full Control enables you to read Enterprise and device configuration settings in YourSite Explorer, write them to the YourSite database, and write back devices programmed in YourSite Explorer to the telephone system ACD Routing System.

Figure 1. Security roles settings options for Yoursite Explorer

Advanced security role options require the creation of a security list before the role can be configured. Using these lists, you can define a security role's access to devices. See "Creating security lists".

After you create device security lists you can create an advanced security role that restricts access to reports, real-time statistics, ChatLine, sites, and real-time monitors.

Security roles are assigned to employees in their General tab. See "Configuring general employee information".

If you are using Windows Authentication, you must also enable the following browser settings:
  • Under Internet Options > Security, enable ‘Automatic logon with current user name and password’
  • Under Internet Options > Advanced, enable ‘Enable Integrated Windows Authentication’
To add a security role
  1. In the Enterprise pane, click Security role.
  2. Click Add.
  3. Type a role name in Name.
  4. Type a description in Description.
  5. On the General tab, clear the check boxes of the items the user is not permitted to use.

    If required, click the specific component tabs and specify advanced security.

  6. Click Save.
To verify the properties of a security role
  1. In the Enterprise pane, click Security role.
  2. Click the security role for which you want to view properties.

    You can assign the security roles to new users and to existing users.

To edit a security role
  1. In the Enterprise pane, click Security role.
  2. Select the security role and click Edit.
  3. Make the desired changes to the security role.
  4. Click Save.
    Note:

    Users who are currently logged on will not be affected by changes made to their associated role until the next time they log on.

You can restrict a supervisor user to monitor a specific set of devices and access the recorded files. To configure a security role for a supervisor user
  1. In the Enterprise pane, click Security role.
  2. Click the security role for which you want to view properties.

  3. Click the Realtime Control tab.

  4. Under Monitoring/Visibility, select May view real-time monitors and devices.

  5. Click the Add icon to select the security list to limit the devices the users can monitor real-time and access the call recording files for those devices. If it is empty, users can monitor all devices.