I’m looking for suggestions on how to hide opportunities, activities and contacts from all users except for ADMIN and a defined team of users. We are using SalesLogix 6.2.6 client (expecting to upgrade to 7.5 later this year). Currently, the only built-in security mechanisms we use are the flags that identify whether or not a user is permitted to create a new account, contact, opportunity, etc. All of our users are currently permitted to view all of the data in the system. However, we would like to somehow flag some opportunity, activity and contact records so that they are not accessible by the general user community due to sensitive information. We will need a way for a defined team of users to access these records and set/unset the flag to hide/show the records from the general user community.
The other complication is that we have invested significant effort in developing external tools that interface with the SalesLogix database. If a record is flagged as hidden, these external tools will need to have access to the flag so that they can hide the records as well.
SalesLogix has built in mechanism to deal with Data access.
From your description, seems as if you are looking to create a team with a selected set of users, and then making your data owned by that team to restrict access to it by other users.
On top of that, you could use Field Level Security to further restrict who can Modify the data.
Also, for the Calendar there is Calendar Security that keeps users from accessing other user’s calendar, this may be a more tricky part to control on a per Activity basis, but it will depend on your needs.
Also, if your external tools were built on top of the SLX OLEDB Provider (or even the SLAPI), security would carry over as well (off course, as long as not login in as ADMIN without Impersonation).