You can set up security for some specific transactions (such as adding addresses) within the Circulation Services menu. First, you must establish user IDs, user groups, and security IDs. Then, using this option, you can limit specific transactions to only those users with a specific security ID. Only one security ID can be assigned to a transaction type. If you want to change who has access to this transaction, you may have to set up a new security ID with different groups associated with it.

You can also implement data masking using transaction security.

To secure transactions:

1. Select Transaction Security from the Security menu to display the Transaction Security window.
2. Select a security item in the list and click the Modify icon.

3. Select a security ID from the Security combo box. Only users that have this security ID will be able to carry out this transaction.

4. Click OK to apply this security ID to the transaction.

Transaction Security Items

Data Masking

Data masking is used to allow only selected Circulation users to view and print private information, while preventing all other users from doing so. Users without security rights will see “masked” information, which means that most digits of a number are replaced with asterisks. A masked credit card number, for example, will be displayed as ************0123, with only the last four digits visible to the user. Users with security rights will see the whole number. The diagram below shows the level of security that data masking provides.

Note that, when using data masking alone, information is not masked in any way within the database. Any person who can access the database directly, such as a Naviga Support analyst or a developer who runs custom programs, ad hoc queries, Results queries, etc., will see the full data. Unauthorized users (i.e., “hackers”) who are able to gain access to the database will also see full data. To protect private information within the database, you must use database encryption.

Setting Up Data Masking

Data masking is set up within Transaction Security (Setup | System | Security | Transaction Security). By default, these items are marked NOT ACTIVATED, which means that the data for these items will be masked for all users until you “activate” access to an item for a security group.

Four security items in Transaction Security control the masking of private data:

• ShowCreditCard determines which security group can view and print full credit card numbers. All other security groups will see only the last four digits of credit card numbers.

• ShowPayPal determines which security group can view the full PayPal VaultID and Email Address. All other security groups will see only masked data in these fields.

• ShowBankAccount determines which security group can view and print full bank numbers and bank account numbers. All other security groups will see only the last 2 digits of the bank number and the last 4 digits of the bank account number.

• ShowAcctTaxInfo determines which security group can view and print the full social security number and Tax ID of accounts. All other security groups will see only the last 4 digits of the social security number and Tax ID.

Remember, all data will be masked until you perform this setup.