Configuring a secure system

You should follow these best practices to maximize the security of Sage CRM.

• User authentication. A user requires a user name and password to access Sage CRM. User passwords are encrypted in the system and in the database for maximum security. You can change a user's existing password but cannot view it. You can set the minimum length and strength of passwords, and specify the number of days before a password expires. For more information, seePassword policies and Security Profile fields.
• Security profiles and territories. You can set up security profiles and territories to manage security access rights across the organization. A profile is a way of grouping users when defining access rights to view, update, insert, or delete records. You can further divide users rights by territory. For example, you can allow users in the Europe territory to view all opportunities in the USA territory, but not update them. Advanced policies let you define complex inter-territory security rights and exception handling. For more information, see Security profiles and Territories.
• Field security. You can set up field security for the Sage CRM system, individuals, teams, and security profiles. For example, you could make a field invisible to some users, allow other users to view the contents of the field but not to change them, and give other users read and write access to the contents. Or you could make it mandatory for the user to enter a value in the field before submitting the form. For more information, see Using field security.
• Company team and restricted tabs. You can restrict user access rights to view and update information depending on company team membership. For more information, see Security Profile fields.