When privileges are assigned to a User or a Group, they are applied to any Project they have access to. Unless there is a role that requires always the same level of access regardless of the Project, such as the Administrator or a Power Architect, this security design is not recommended. A Security Role is necessary to provide different levels of access and privilege sets to different Projects.

The following is a quick reference table for a MicroStrategy Security Role:

A Security Role is a Configuration Object with a set of privileges that can be associated to Users and Groups for a specific Project.

The main difference with User and Group privileges is that Security Roles apply the privileges on a project-by-project basis. This allows administrators to fine tune the level of access and functionality for Users and Groups, depending on the Project and not on the User Role. With Security Role, a user such as smith could have almost administrative privileges in one Project while only Report execution in another and even no access to a third one.