Security Groups

Security Groups

Security Groups

In TransVirtual there is the ability to create Security Groups that can be used to control and monitor what each user has access to in your account.
The page to create these groups can be found under Settings > General > Security.
This article will detail how to create and edit Security Groups as well as how to assign users to a security group.

Note: This article will only be relevant for Management or SuperAdmin users of an account as only these users have the required access to make these changes.


This page in TransVirtual will look like the below screen:




By default, your account will likely have SuperAdmin, Customer and Agent Security Groups.
SuperAdmin users have access to everything in an account and this security level should only be provided to staff who are management/owners/directors/etc of a company.
Customer type users only have access to their own customer specific information such as any consignments they have in your account. By default they are only limited to being able to search for and open any consignments where they are the customer.
Agent type users typically do not have access to anything in the web portal in your account except the Help menu. Agent logins are normally only used when your agent will login to your account and load and scan freight via a device; they don't typically need access to anything in your account. 


Creating New Security Groups

If required, you can create new Security Groups using the Add Security Group button at the top of the page:




When creating a new Security Group ensure you name the new group appropriately. The name should be reflective of the type of user that will be in this group.

Default General Security = This means of the pages this group has access to in TransVirtual, what can they do with those pages? Can they make changes (Read/Write) or are they only able to view (Read) the page content? Typically, we would recommend leaving this as RW (Read Write) because each user will only have access to the pages they are approved to view. 

Default Menu Security (recommend NONE) = Similar to the above setting just at a menu level, so for example, if a security group gets access to the manifest column under the Home menu, if new pages are added to this section, will this group have access to these new pages by default? We STRONGLY recommend leaving as NONE for all security groups; again because typically the pages each user is able to view have been setup and approved and this should not be subject to change without approval first. 

Copy Security From = This can be used to assist with setting up a new security group. If you are creating a security group that is modified version of the default customer security group, you could set this field to copy settings from the Customer default group. When you do this the new group will be created exactly as the group it has been copied from making setup quicker and easier. 


Once you have created a new group you can modify that group by entering the Security Mode.
Security Mode can be enabled/disabled by clicking on the drop-down arrow at the top-right of the page near your login name and clicking the option that says Enter/Exit Security Mode.


Once in Security Mode the current page will refresh and you will see a series of padlocks appear next to each field and menu:


These padlocks allow you to edit the access a Security Group has to a certain page or to menus etc.

Example Security Group setup

In this example we are going to give the Customer Security Group access to the Customer Manifest page so that they can view their own Customer Manifests.
To do this, first enter Security Mode (click the drop-down arrow at the top-right next to your login name and click the enter Security Mode option). 

Once the page refreshes and the padlocks appear, hover over the padlock next to the Home menu at the top of the page:


From here click Set Security, then click the Customer Security Group option, then give them RW (Read Write) access:


When you click the Read Write option you will see this message appear on your screen indicating the settings have been successfully updated:


From here, you then need to give the Customer group access to the Manifest column heading as the Customer Manifest sits under this menu:


Give the Customer group RW access to the Manifests column/section.
From here give the Customer group access to the Customer Manifest page:



The next step is to enter the Customer Manifest page and ensure that there isn't anything in this page that you don't want customers seeing:


This page is simply a list of available Customer Manifests. Keep in mind that customers will only be able to see manifests where they are the customer; which will be different to what you can see which is everything for all customers.
Typically there isn't anything of too much concern to hide from the customer in this page, but please review to ensure so.
If you need to restrict access for a particular field, simply hover over the field/heading click Set Security, Customer, then click None to remove access for this security group:



Once you have finished setting up/configuring a Security Group, you can impersonate their access to see what a user of this group can and can't see.
To do this hover over any padlock, click impersonate, then select the group you want to impersonate and then click enable impersonation:


The page will then refresh and you'll see what a user of that group would see if they logged into TransVirtual through your account:


As you can see the Menus at the top will display like the above if they only have access to a few pages.
The Customer group in our example does not have access to the EDI, Finance menu etc.
Note: In the above image, when a customer logs in they would only see their own consignments.

To disable the impersonation simply hover over any padlock, click impersonation, then click disable impersonation. 
If setup is complete you can exit Security Mode via the drop-down menu top-right next to your login name.

Once your Security Group has been configured, you can add users to this Security Group.
To change staff members to a different type of Security group simply open their staff card from the staff list under the Home menu:
 


Simply tick the Security Groups that you want this user to be a part of.

The same thing can be done for customer or agent logins from within the logins tab of a customer or agent card.

Note: Impersonation is a good way to see what each Security Group has access to. However, the best way to test and confirm all settings are as expected is to login as a user with that security access. 

Adding Users to a Security Group

The last thing to do after the Security Group has been configured is to put users into the new group.
If you are wanting to add a new staff member to a particular Security Group you'd need to do so from their staff card; Home > Card Files > Staff List > Double-Click appropriate user and enter their card:


Simply tick the group that this user should be part of.

Note: Users can be added to multiple groups if required but this can cause conflicts and possibly unexpected results as, for example, one group may have access to something and the other doesn't. We recommend only allocating a user to ONE Security Group where possible as this can assist in ensuring all access is as expected. 

When adding customer or agent logins via an agent or customer card the type of login that user is assigned will be the default agent or customer login. 
If you wish to add an agent or customer user to a different Security group, go to the Customer Card they are part of, click the logins tab and double-click the user login you wish to change:




Note: It is not advised to provide a customer/agent login with staff-level type Security access.
If for any reason this is required, it is recommended that the user acquires a second, or new login, with the appropriate access.
Ensure thorough testing is carried out and all is as expected - before providing a user with access to you account. 

Modifying Security Groups

In Transvirtual we allow for customisation of Security Groups 

Click on your Profile name at the top left of your screen as below and select Enter Security Mode

You will now see a series of padlock   symbols appear next to menu options and fields within the screen
Simply hover your cursor over the padlocks and as below you will see a menu popup

You will see three options in the initial list 
  1. Set Security - Used to define who has access to the field this padlock relates too
  2. Security Groups - To define the general security for each group in relation to this field
  3. Impersonate - Allows you to replicate what the group can and can't see within your login
Primarily you will use Set Security if you hover over and move your cursor to the next list that displays you will see your security groups and some users
Hover over the security group or User you wish to allow or disallow this field to
You will see another list with options display allowing Read Write, Read Only and None
  1. Read Write - Access to view and change
  2. Read Only - Access to view only
  3. None - No Access to view or change
Depending on the default security settings for the group when activating access to a menu header this may open up access to all the sub menus if default is Read Write and not if Default Menu Security is set to None.
With regards to menu's you may wish as below to give access to Consignment Actions but not the Pickup Allocation window for some staff for instance and you would set the security for this group to none against the Pickup Allocation padlock


Always review the group access using the impersonate or login as a user in the group to ensure they only have access that you desire

In particular when dealing with finance windows, always review to ensure customer only has access to view the customer cost fields

Impersonating Security Groups

When Adjusting security settings for groups it will become necessary to review what is/isn't enabled.
Click on your Profile name at the top left of your screen as below and select  Enter Security Mode

You will now see a series of padlock   symbols appear next to menu options and fields within the screen
Simply hover your cursor over the padlocks and as below you will see a menu popup

You will see three options in the initial list 
  1. Set Security - Used to define who has access to the field this padlock relates too
  2. Security Groups - To define the general security for each group in relation to this field
  3. Impersonate - Allows you to replicate what the group can and can't see within your login
If you hover over Impersonate and tick the box next to the security group you wish to review, you can also look at a particular users access in this way without any security groups ticked. Then click Enable Impersonation

Your screen will then refresh to show you fields that will be included in this group.
To remove the impersonation simply however over any padlock still available and select Disable Impersonation within the same menu

Always review the group access using the impersonate or login as a user in the group to ensure they only have access that you desire

In particular when dealing with finance windows, always review to ensure customer only has access to view the customer cost fields

    • Related Articles

    • Invoice Group Rules

      Invoice Group - Customer and Agent Rule Setup Invoice Group rules in TransVirtual are used when you need to create multiple invoices for the same customer/agent within the same invoice period. The two pages that can be used to carry out this setup ...
    • Google Authentication - 2 Factor secure Login

      If required, TransVirtual has the ability to allow the setup of 2-factor logins which provides an extra level of security to your user logins. This functionality is useful for a number of reasons but it mainly comes in handy when a user login becomes ...
    • Initial Setup

      Initial Setup Steps to Setup your Account Task TransVirtual Page/Menu Location Purpose General Import/Enter company contact information Settings > General > Global Setup > Contact Details Tab Can be auto added to all reports including invoices Review ...
    • Staff List

      Creating a New Staff Card In your TransVirtual web portal menu, click on Home > Card Files > Staff List Click on the button in the top right corner of the page. Enter a new username, ensure it ends with a @yourcompanyname (no need to include a .com) ...
    • Search Consignments

      Search Consignments Filter The search consignment screen has a few hidden tricks that will assist in manipulating bulk consignments to suit specific requirements. To get to the correct screen go to Home > Consignment Actions > Search Consignments. ...