Data Access Concepts

In Kaptio Travel, system administrators have several approaches to implementing security and sharing data.

Here is a list of different concepts to control data access within Kaptio Travel:

Object-level security

The bluntest way to control data is by preventing a user from seeing, creating, editing, or deleting any instance of a particular type of object, for example, an Itinerary or an Account. Object-level access allows you to hide whole tabs and objects from particular users, so that they do not even know this type of data exists. In Kaptio Travel object-level access is set with object permissions in user profiles and permission sets.

Field-level security

A variation to object-level access is field-level access. Here a user can be prevented from seeing, editing, or deleting the value of a particular object field. Field-level access allows you to hide sensitive information without having to hide the whole object. With Kaptio Travel you can set field-level access with field permissions as well as within profiles and permission sets.

Record-level security

To control data with a little more finesse, you can allow particular users to view an object, but then restrict the individual object records that they are allowed to see. For example, record-level access allows a sales agent to to view and edit his own Itineraries without exposing his Itineraries to everyone else on his team, except to his managers. Kaptio Travel has several ways of setting record-level access rules as follows:

  • Organization-wide defaults allow you to specify the base level access for users within your organization. For example, you can set the default so that all users can see all records of a particular object to which their object permissions give them access, but that they will need extra permissions order to edit these records.
  • Role hierarchies ensure that a manager always has access to the same records as his or her subordinates.
  • Sharing rules allow automatic exceptions to organization-wide defaults for particular user groups. Manual sharing allows record owners to give read and edit permissions to other users who might not have access to the record in any other way.

The combination of all these sharing and security settings in Kaptio Travel means that you can easily specify user permissions for an organization of hundreds of users without having to manually configure the permissions for each individual.

You can find further details on how to implement these concepts in the Profiles, Permission Sets and Roles article.