The system is highly flexible and granular in controlling what each user can and cannot do. Permission levels are managed by creating specific user groups and profiles, allowing user access to be managed down to the field level within forms. Additionally, multi-factor authentication and integration with single sign-on tools and services are standard options.