Authorization can be done at several levels of granularity as follows:

• Office security groups: Authorizes users at the instance level. Office security groups can be synchronized with local Active Directory security groups
• Security roles: Authorizes access at the entity/business unit level
• Access teams: Authorizes access at the record level
• Field level security profiles: Secures access at the field level

More details about authorization can be found in Chapter 7, Security.