We've created a set of ready-made permission groups. By adding an employee to any of these groups, you give them the standard permissions for the group.
- You control the permissions - We have set the groups up with some defaults, but you can change them to suit your company.
- Only active employees can be added to permission groups
- Some data is defined as 'Public' (i.e. personal and work details). Everyone has access to view it, though editing may require granting permission.
To review and edit permissions, go to Settings > Roles and Permissions
We started with the 4 groups that allow for basic functionality of employees, managers and admins:
Default groups explained
Admins: This is the most powerful role with unlimited rights. Be careful with this one - with great power comes great responsibility.
Managers: Making someone a Manager provides enhanced permissions over the manager's direct and indirect reports. When managers view anyone else in the company, i.e someone who doesn't report to them, they'll inherit the permissions of the "All Employees" group meaning they can't manually add/remove people.
All employees: Have a limited amount of view rights and almost no actions on everyone else. This it usually the lowest permission level. This group contains everyone in the company (you can’t manually add/remove people).
Profile owners: Defines what employees can see and edit on their own profile (can’t manually add/remove people).
To review and set permissions for a group, click “Manage group”.