Recently I found myself reviewing a behavioral issue in SugarCRM that coincidentally had affected another user a few months prior.
While reviewing the matter, it became evident it fit in nicely with the list of reasons it is generally not a good idea to use a single install of SugarCRM for multiple businesses, commonly referred to as a multi-tenant implementation.
This time around, the issue revolved around email and the manner in which messages link themselves to records in SugarCRM. In general, SugarCRM utilizes the email addresses associated with a record to determine which records should be linked to the message. Thus, the FROM, TO, CC and BCC addresses on a message are all relevant because if the address is associated with a record in SugarCRM -- be it an account, contact, or other -- the email message will automatically associate itself with that record. Said message would, for example, appear on the History subpanel of the contact with the matching TO address, as well as that of the contact with the matching CC address. Herein lies the potential problem.
Within an implementation intended to conform with multi-tenancy standards, the record with the TO address may not be accessible to a user that does have access to the record with the CC address. Perhaps the records represent individuals in different territories or serviced by different business units, etc. Whatever the reason, it is possible that a given user of the system does not have access to both records that correspond with the two email addresses.
Regardless, the email message is linked to both records and History information could be exposed to unintended users. Take note that security issues of this type often times cannot be addressed as they are a direct result of the architecture of SugarCRM.
Thus, once again, one should heed the warning that problems may arise (sometimes not readily apparent), if one chooses to use the system in a multi-tenant manner.