Security Enforcement Strategy in Previous Releases
This section describes the security enforcement strategy in previous releases of ServiceMax, including upgrade considerations and also the features affected by CRUD and FLS permissions enforcement.
Upgrade Considerations Related to Security
The following upgrade considerations need to be taken in to account before upgrading to this release:
• The security enhancements related to CRUD and FLS are not applied by default after upgrade, as the global setting
GBL031 is set to False by default. But, Sharing Settings are applied by default after upgrade. However, it is recommended to test the upgrade to this release with all the security enhancements applied, as described in this section. This will help refine and restrict access to objects, fields, and records to different types of ServiceMax users.
• Upgrade to this release should be first done in a sandbox, with the new setting GBL031 set to True for the active global ServiceMax configuration profile. Then a complete end-to-end testing of all the business processes must be executed, covering both configuration and delivery screens.
• If any issues are faced, setting value can be changed to False to confirm that it is because of the security enhancements. Then update the CRUD and FLS settings for the affected Salesforce profiles, to provide access to the required objects and fields. Update the setting to True again and re-execute the failed tests.
• Refer to data model sections in online help to know the list of associated objects for any feature.
Features Impacted by All Changes
List of features impacted by all the above changes is given below:
• All the configuration screens in ServiceMax Setup home page Installed Product Counters & Warranties
• Interactive Entitlement on Case and Work Order
• Installed Product Counters & Warranties
• Work Order & Service Contract Invoicing
• Service Parts and Reverse Logistics consoles & engines
Features not mentioned above apply security checks out of the box by default fully or partially, or based on existing configuration settings. For such features, the enforcement of security and key exceptions are covered in the following sections.
Features with No Change in Behavior
Features with no change in behavior from previous releases:
• Features that auto-populate Case information based on business rules – apply CRUD, FLS, and Sharing Settings always:
◦ Auto Entitlement
◦ SLA Clock
• Features that auto-populate Work Order information based on business rules – apply CRUD, FLS, and Sharing Settings always:
◦ Auto Entitlement
◦ SLA Clocks
◦ MTTS
◦ Primary Territory matching
◦ Preferred Technician calculation
◦ Dispatch Process matching
• SFM wizard delivery screen applies CRUD, FLS, and Sharing Settings always
• SFM search delivery screen applies CRUD, FLS, and Sharing Settings always
• Inventory Engine applies CRUD, FLS, and Sharing Settings always
• Mobile apps apply these settings based on existing settings under module ServiceMax iPad Client and submodule Synchronization: SET008 (global) and SET014 (group).
Features with Some Change in Behavior
Features with some change in behavior from previous releases:
• Dispatch Console applies CRUD and FLS based on GBL031 (changed behavior). It does not apply Sharing Settings, but controls data access internally through business logic (no change in behavior from previous release)
• Data Lookup Rules engine applies CRUD and FLS based on GBL031 (changed behavior). It applies Sharing Settings always (no change in behavior from previous release)
• SFM Delivery applies CRUD and FLS always (no change in behavior from previous release). It applies Sharing Settings (changed behavior)
• Linx for ServicePower and Schedule Optimization engines, which process work orders and their schedules, apply CRUD and FLS based on GBL031 (changed behavior). They do not apply Sharing Settings, but control data access internally through business logic (no change in behavior from previous release).