Sage SSO security has a major flaw, it doesn't link to, match, or follow the Sage CRE 300 record security. First of all it is inefficient and cumbersome. Second and most importantly it creates a huge security risk (similar to the risk of how the CRE 300 export to excel files used to be stored and accessible to anyone).
SSO security, even if separate module, should link to CRE 300 security at a base level, including record security so that all company/employee/job data is not at risk of exposure to employees who should not have access. Ideally it would pull in the security from the underlying product and built upon it so record security is maintained.

Comments