Discussions
Read on for the latest updates including:
• Agenda Builder launch
• SuiteWorld On Air registration
• New NetSuite Prompt Studio Contest
• And more!
Check out this thread to learn more!
Don’t miss your chance to meet our SuiteGurus—NetSuite Support professionals and subject matter experts with extensive experience in select product areas, including OneWorld, Advanced & Basic Accounting, Supply Chain Management, Receivables & Payables, CRM, Account Administration, and the SuiteCloud Platform. Full Conference attendees can prebook exclusive 30-minute one-on-one sessions for your product questions.
Spots are limited! Register through your Agenda Builder and find SuiteGuru under Agenda Enhancements.
Too many security holes in NetSuite
This is unbelievable. I can't believe the lack of security applied to NetSuite when it comes to permissions and roles. Here's a couple of examples:
1. Set up a saved search to lookup customers with specific fields set (to ensure that the user can only see customers with these fields set). Restrict the saved search for 'Customers' to the user's role.
Result: Run the saved search under the specified role and only the customer's you expect show in the list. HOWEVER, in the lower right is the 'Edit View' button to allow them to edit the view. In other words, you CANNOT prevent the user from editing a saved search! You can stop them from saving it under the same name but they can edit it, remove the criteria that prevents them from seeing other customers, hit the preview button and voila, they have view and access to the list of customers you don't want them to see. SAVED SEARCHES ARE