What do you do if you run Epicor ERP and need to keep some things private?

This is not something that comes up a lot, but it can. If you deal with customers who have strict secrecy requirements, then communications, enquiries, quotes and so on might need to be restricted to approved staff. You may work with NDAs (non-disclosure agreements) or have other confidentiality arrangements.

And Epicor, since it works well on-premise, is a good ERP for the privacy-conscious.

But while security in the ERP system is excellent, and has become better and better with successive recent releases, it’s focused on access to different parts of the system. Natively, you can’t easily allow a user to see some of one type of record but not others.

Which is why it’s great news that Epicor is so customisable.

Once there are clear rules for allowing access (which you as the business would know best) you can intervene as the records are fetched.

For each type of record that needs restricting, there are typically three methods on the business object that return the core data: GetByID, GetList and GetRows.

For most of these, across all the system, you can add a Pre-Processing method directive which adjusts the “where” clause for the requested data in the background. The “where clause” is the description the system sends to itself of the exact records needed - for example all the open sales orders for a particular customer. If it’s adjusted according to the agreed rules, then bingo! The user sees only the records they’re allowed to see.

It isn’t intrusive - there’s no “access denied” or anything - just the filtered version served up as normal.

And what’s particularly good about this is that it doesn’t matter where in the main interface the user is, because those methods supply the data for all of it (with a few caveats to be aware of).

No special versions of forms or screens, no running to catch up if something changes and there are new ways of accessing the information. It just works in the background, whatever the interface.