Security Profiles

A security profile is essentially a set of configured permissions. The same identity providers and identities can be used in multiple security profiles. Only one security profile can be active at a time for a site.

There are three security profiles available for use initially:

Default: For configuration by user. The Everyone group comes with a base set of permissions for non-administrative users.

PVbasic: Groups equivalent to legacy password system.

UAbasic: A four-tier security model: Everyone, Operators, Power Users, Administrators.

To use the PVbasic or UAbasic security profiles, create PARCsecurity or Active Directory identities and add them to the appropriate groups. See Initial Security Profiles for more information.

The Security Profiles interface shows the configured permissions sets.

Permissions are configured by security profile, so the same list of identities can be used to configure permissions for multiple profiles.

Notes:

Be aware that tag permissions on the Everyone Group for all security profiles except the Default profile will default to Take No Action for all Locations and Sources, meaning only administrators will initially have access to tags. Make sure to grant appropriate tag permissions before activating a security profile. See Tag Permissions for more.

Sites can also create their own new security profiles. For example, in an enterprise environment, security profiles may correspond to locations if a central security database is used.

It is recommended that a security profile be built for a site before deploying out PARCsecurity in order to avoid locking out users or allowing access to restricted areas.

If upgrading from 5.x with PARCsecurity, the old PARCsecurity “Locations” will be mapped to security profiles.