2 options for different objectives, hopefully this helps. 1. Data Access Control https://knowledgecenter.zuora.com/CF_Users_and_Administrators/A_Administrator_Settings/Data_Access_Control This requires some consideration of how all users and all Accounts (or Products) will be assigned initially, when created and then when maintained for the control to be practically effective in an ongoing operation. So, "solve process before technology". The restricted user now loses access to all Reporting. Basically, the control does follow the transaction, so the restricted user can only follow the transaction data through the UI that aligns to their access, but this restriction attribute is not visible from Reporting, so that remains all or nothing; the default must be nothing. The net result is any restricted user loses access to Reporting. The work around is to create a 2nd user id for the user (or just to a selected Super User/Manager), giving them the highest node of access so they can get Reporting, but for all other functions of that 2nd user id, give them the No Access role described below. Overall, as I outline below, this manages the risk of data maintenance but leaves the data visibility problem. 2. Create a No Access role A different option is just to manage the Role, remembering this will limit the risk of maintenance to the data but you also need to restrict other functions like Reporting to limit viewing of data. Steps: As a Platform Admin, go to Manage User Roles Select the function you want to manage from "View Role List of:" for example, select Payments Select button "Add new role" Call the role something obvious, for example "Z-Payments - No Access" Uncheck all the allowed options, so the role is essentially empty, Save. Go to Manage Users, select the user and then Edit Update that user for that function to the newly created "Z-Payments No Access" option. Save. My conclusion is that one can manage the risks for internal access and manage some controls like separation of duties, but these options are not effective for data security. This situation improves somewhat in a multi entity structure, where a user cannot see across to another entity at all, but the overall problem would still remain within each entity.
... View more