A little Best Practice advice please

I’m looking for some “Best Practice” advice please.
We’ve been running SuiteCRM for ages, so it’s populated with our customers. We have a new sales person who wants to use Suite. But I don’t want him to se our existing customers, well that works fine. But recently he’s asked of he can try some of our dormant accounts.
I want to give him access to the details of the specific accounts we agree to, including their contacts and associated notes. There are only going to be 6-10 at a time, lasting several months.

What would be the best way to set this up? Are there any guides I could follow?

Thanks

You will need to work with security groups and roles.

I’ll recommend you to:

1. Create a security group called RestrictedGroup (for example)
2. Create a role called RestrictedRole (For example).
3. Tune up RestrictRole. Allow user on this role to access group records only.
4. Assign the restricted user to RestrictedRole
5. Assign the restricted user to RestrictedGroup
6. Assign all required accounts to RestricteGroup

That should allow you to control what accounts the restricted user has access to.

More on roles and security groups here: