Security Best Practices

Avoid creating users who have access to all actions and screens in Fynapse
Roles and groups should be created according to specific needs; they should not contain all permissions and users
One user should not belong to all available groups
System administrators and ordinary users should be kept separate, i.e., in different groups
Each time you introduce changes to any of the users, notify them that they need to log in to Fynapse again
Each time you introduce any changes to your security settings, Fynapse needs some time to apply them. This rule applies especially to assigning roles to groups or removing permissions from users.
Data permissions control the visibility of data. By assigning data permission rules to groups, you made them access only a subset of data. Hence, data permission rules should be defined with caution. Since they also depend on the Fynapse configuration, we recommend consulting their settings with business experts who understand their influence on, for example, Subledger mapping or Journal structure.