In record level security, you determine a security role's access to specific hub records.

Record level security is implemented via the Vantagepoint lookups. After you specify the role's access to records, the lookup results list displays only those records to which the role has access rights. The users that are assigned to that role can only navigate to the Vantagepoint records to which they are granted access. You can also control whether a role is able to update a record or only view the record's contents.

Example: If you set the Read Level for the Projects hub WHERE Project Manager (the role) EQUALS John Jones AND state EQUALS Kansas, then the project manager named John Jones has read level access to the Projects hub records for the state of Kansas.

In addition to granting or restricting access to individual records, Record Level Security also supports granting or restricting access to hierarchical record structures. One possible hierarchical structure is the project (Level 1), phase (Level 2), and task (Level 3) structure related to the work breakdown structure. For example, if a role has access rights to a project, then that role will also have access to all phases and tasks within that project. However, if a role only has access to a specific phase within a project, the role can only access tasks within that particular phase; the role cannot access other phases or tasks, either within the same project or in other projects.