How to Customize SugarCRM Role Management to Struggle Data Security Risks

How to Customize SugarCRM Role Management to Struggle Data Security RisksAuthors: Katerina Burlaka and Andrey Shevchenko, CRM Consultants

The main threat to your customer data does not always come from external anonymous hackers. Forrester survey states that most data security breaches are caused by employees. So, how can businesses protect their invaluable customer data from this internal threat?

The responsibility for data security usually rests with IT department. It’s important to emphasize that for the most part customer data threat is caused by human error, not a malicious action. When it comes to customer data, Role Management mechanism provided in many CRM systems allows controlling data access that reduces risks significantly.

Working with SugarCRM, we can assure that its Role Management functionality is irreplaceable, as far as data safety is concerned. The problem is that SugarCRM Role Management cannot always be flexible enough to conform to the specific company’s requirements. Fortunately, simple SugarCRM development saves the situation. But how exactly?

3 Signs That You Need to Customize SugarCRM Role Management

The fact is that out-of-the-box SugarCRM Role Management functionality works as follows: a user while working inside CRM system has the possibility to view the records according to his Role restrictions, and by this, he has the possibility to edit only those records that are assigned to him. Moreover, Roles in SugarCRM work in conjunction with Teams form a robust security model for non-admin users in CRM system. SugarCRM Roles control user actions on records, whereas Teams control access to a record.

Many IT professionals face the need to customize SugarCRM Role management when they have to change a set of permissions for users to perform such actions as:

  • viewing information;
  • editing information;
  • deleting information;

Let’s take a look how to do it.

Besides, if you are interested in expanding SugarCRM capabilities to achieve greater business results, you may look through our technical blog that is specifically devoted to SugarCRM.

Go to technical blog on SugarCRM

How to Customize SugarCRM Role Management?

In the process of SugarCRM development, companies may encounter some unobvious pitfalls. Some time ago, we had completed the successful custom development project at the global IT company Ciklum. The project included modifications to Role Management. And now we want to share our experience.

So, the issue was to set up the viewing option of the records for managers from Ciklum Sales Department. Thus, the sales managers should have the possibility to view all the records inside CRM system, but, at the same time, they should be given the opportunity to edit the records only within their region (the managers work directly within their regions). Hereafter, it was decided to treat Teams as Regions just within this case.

In the process of this SugarCRM development, we’ve encountered the issues with out of-the-box Role Management functionality that didn’t allow to perform the necessary set-up. Despite the initial idea of solving the issue by customizing SugarCRM core functionality, the changes to the SugarCRM Role Management functionality would cause changes to the system kernel, which is absolutely non-upgrade safe changes.

As a result, it was agreed to implement the further solution: on the system-side we’ve set the admin-type access to the record editing option for Sales Department – therefore, editing function becomes available for Managers only for those records in which:

  • the current record’s Team (Region) coincides with the Team (Region) of the current user;
  • the Role of the current user is included in the flexible setting of the SugarCRM Role Management functionality.

Now a Sales Manager can do alterations to the record data only within their own Team (Region) records. And at the same time, a Country Manager of a particular region can control who makes changes and which changes are made.

The Results of the SugarCRM Development for the Company

Generally and as with Ciklum, custom development of SugarCRM Role management helps companies to achieve the next results:

  • Enhanced customer data security;
  • The possibility to align Role Management functionality with the company’s business model;
  • The implemented enhancement to the SugarCRM Role Management functionality is very flexible, it can be configured and adjusted at any time via the Administration panel, if needed;
  • Improved quality of the users’ work, because the data in the system are full, complete, correct and are always under control;
  • Better control and monitoring of the users’ actions within the CRM system.


To draw the conclusion, we can say that the arguments we have presented prove the efficiency of the SugarCRM development for Ciklum. We are always ready to provide companies with proper, competent assistance in order help them achieve the best results with their CRM systems. So, if you need our advice, please contact us by filling in the form below.

Leave your details and we’ll get right back to you
First Name

Last Name



I have read the Integros privacy policy and consent to the processing of my personal data.

Other guides on SugarCRM develpment:

Leave a Reply

Your email address will not be published. Required fields are marked *