Scenario: You’ve got two sales teams. Each sales team has a manager and several sales reps. What you want, dear reader, is for each sales rep to see only the record that they own or are assigned to (no more poaching leads from the newbie). You also want your sales manager to see all the records for that team, but not be able to see the other team’s.
Where the heck do you start?
Step 1: Roles
The first thing to do is make sure your roles are in order. Scoot on over to the Roles section of User & Access Control in your CRM Settings. Here’s how to set up your roles to reflect the two teams:
- Sales Manager Team A
- Sales Reps Team A
- Sales Manager Team B
- Sales Reps Team B
Now that the roles are in place, we need to be sure that each user is assigned to the correct team/role. Go through the list of CRM users and edit the details so that each person is properly assigned.
Step 2: Profiles
A profile is basically a set of can’s and cant’s that are applied to any given role. You could skip this part and just modify the role settings but I prefer to use profiles so that I only have to do the work once. It makes it easier to scale, too.
Create and name your profiles; one for the sales reps and one for the managers. Make sure to leave the View all and Edit all settings unchecked or none of this will actually restrict user access. Go down the list and remove or modify access to the modules that your sales reps or managers don’t need. Save the profile.
Go back to the Roles and edit them. The Privileges section allows you to assign privileges from an existing profile. Remove any unwanted existing profiles and add in the ones you just created. Save, and continue on to…
Step 3. Sharing Rules
This is a big one. I won’t cover all of the sharing rules that need to happen here because every organization has a different dynamic. However, our little test case organization wants most records to be visible only to users to which they are assigned and the managers of those users.
For all practical purposes, you should set access to “Private” where you want this kind of granular control. In our case, we will set Opportunities, Leads, and Orgs & Contacts to private so that our sales team will be viewing only their own records.
Here’s the big part, the rules. For each module you wish your Sales Managers to have oversight of, set up the conditions as such:
“Orgs & Contacts of: Role Sales Reps Team A
Can be accessed by: Role Sales Manager Team A
With Permissions: Read & Write”
Repeat this for each module and also for Team B. The read and write are less critical but my assumption is that most managers want to be able to modify the records of their team.
Conclusion
That’s it in a nutshell. Permissions and sharing can seem daunting or even downright scary at first. My advice is to break down what you want to achieve into little chunks like what we’ve done here. Sure, there’s more to an organization’s permissions than what’s covered here but that’s for another day. Rome wasn’t built in a day and neither will be the nuanced and finely tuned access controls of your Vtiger system.
Or, you can always ask me how!
[button color=”custom” size=”default” light=”no” icon=”fa-comments” open_in_new_window=”yes” link=”https://www.boruapps.com/contact-us/ “]Contact Us[/button]
