SmoothPay provides flexible user access controls to ensure the right people have appropriate access to your payroll system whilst maintaining security and compliance. These controls are only available to the designated Owner on the account.
User roles and access levels
SmoothPay supports different user access levels:
Owner
Full access to all system functions including all payroll processing functions, user management, system configuration and access to all reports and data. Can only be changed by support staff, one per account.
Admin
Access to the same payroll functions as Owner apart from, user management and some system wide changes that can be made.
User
Access to the same payroll functions as Admin but cannot restore from backups.
Adding new users
To add a new user to your SmoothPay system:
Click on your profile name at the top right of the screen.
Click on the Add user option
Enter users first name and surname in the first field separated by a space
Enter the user's first name or perferred name in the second field
Enter the user's email address in the third field
Select the desired access level from the drop down menu
Click Create user and send credentials
The user will now receive an automatically generated email which includes their username and password.
Managing existing users
You can modify user access at any time:
Click on your profile name at the top right of the screen
Click on Manage users
Click on the user's name
Select the company under the user's name that you want to adjust access to
Click on the "None", "Read-only" "User" or "Admin" depending on what access level you want the user to have.
Click Save
The changes take effect immediately.
Removing user access
If you need to remove access to a single company, use the "None" option when selecting what acess level a user should have. If you need to delete a user altogether so they have no access to the platform at all:
Click on your profile name at the top right of the screen
Click on Manage users
Click on the user's name
Click the Delete button
The user will no longer have any access to the platform at all, as the user will have been deleted. The user will however still appear in any audit trails.
Security best practices
Password management
Ensure all users maintain strong, unique passwords.
Encourage users to update passwords regularly.
Never share login credentials.
Access control
Only grant access to users who require it for their role.
Review user access regularly and remove access for users who no longer need it.
Use the principle of least privilege - grant the minimum access necessary.
Audit trail
SmoothPay maintains a record of user actions.
Regularly review audit logs to ensure appropriate use.
Be aware that all actions are logged and traceable.
Multi-user considerations
When multiple users access SmoothPay simultaneously:
When a user has actioned process pays, the system remains locked until it is completed. This prevents data corruption and conflicts.
Multiple users can view reports and employee records simultaneously.
Changes made by one user are immediately visible to other users but may require clicking on the relative option on the navigation bar to see the update.
The system will notify you if another user is currently processing a pay run, by stating the payroll is locked.