Q.01 How does ManageMore handle user security? |
A.01 ManageMore uses a separate program called the "Security
Administrator" for securing all aspects of ManageMore as well as other
Intellisoft programs. Within the Security Administrator, one can
define security settings per user or create security groups and assign
users to those groups. The Security Administrator relies on hundreds
of resource settings to tell it how to secure ManageMore and other related
programs. Security can be scrutinized at the menu, window and
field level of the application, for a truly secure environment.
|
Q.02 I have employees who should not have access to some function
in ManageMore, How can I prohibit access to certain areas of the program? |
A.02 Simply add the employee as a user to the Security
Administrator program and assign him to a security group that restricts
access to that part of the program. You can also override security
settings for that user only if you prefer.
|
Q.03 I forgot my login password to ManageMore. Is there a back door? |
A.03 Since this is a problem that happens periodically
(Don't be embarrased... happens to many of our customers), Intellisoft
provides 2 security back doors. The first backdoor is a global password
you create in the Security Administrator (File... Global Security Options...
Back Door) that will allow you complete access to the program.
If by chance you do not remember your own back door password, Intellisoft
has its own back door password so that you can gain access to the program
(Note: Intellisoft's back door password is a unique 8 digit coded algorithm
that changes daily. So do not worry about any weakness in the
security of ManageMore).
|
Q.04 Can I audit the different activities of an employee using ManageMore? |
A.04 Yes. The Security Administrator offers settings for auditing
the in's and out's of processes visited by an employee from within ManageMore.
This can be useful if you suspect that an employee is doing something
unusual or want tabs on when an employee actually performs certain jobs
in the day.
|
Q.05 Can the Security Administrator be secured from employee access? |
A.05 Yes it can. The Security Administrator can prohibit
users access to itself. When a security user is created within
the program, there will be a checkbox settings that allows a user to
gain access to the Security Administrator or not.
|
Q.06 Are there other security settings besides those in the Security
Administrator? |
A.06 Take the time to go through the setup area of ManageMore
for some additional restrictions and passwords that can be created for
special circumstances (e.g. refunding invoices, reversing payments,
etc.). The document management functionality of ManageMore
also has its own security settings that allow you to define security
rights for each filing cabinet created.
|
Q.07 ManageMore Security levels are excellent, but can be difficult
to learn the resources for securing the program properly. Are
there any tips for setting up security easier? |
A.07 The best way to visualize your security settings and see
if you have properly chosen the correct resource to secure is to open
the Security Administrator and ManageMore at the same time. Login
to ManageMore with the employee you want to give restricted access,
then switch back to the Security Administrator and make your resource
changes and press OK. Now, switch back to ManageMore and test
the results of the security resources you changed. Intellisoft designed
the Security Administrator to be network compliant and allows additions,
changes and deletions of security rights while other users are in the
system. It is fairly simple to switch back and forth between programs
to get a hands-on look at what you are securing.
The other tip is to use the Security Groups provided with the
program to assign access rights for your employees. Although
ManageMore allows you to go to the individual security user and lock
specific resources, we recommend against it.
Maintaining security groups will make it much easier when adding new
users later on.
|
Q.08 I have recently upgraded to a new revision and have some new
features that I need to secure from employees. How do I accomplish
this without disrupting existing security? |
A.08 As of ManageMore 6.0 and on, the new resources added as
a result of new functionality in the program are automatically
assigned to the default security groups that come with
ManageMore. If you have used the default security groups that
come with ManageMore, you won't need to do much in way of security
settings.
|
Q.09 I notice the Security Administrator is all based around
hundreds of Resource Id's, What exactly is a Resource Id? |
A.09 In order to give you total control of the program, Intellisoft
provides you with the ability to setup menu and field level security
for your employees. Each menu item and field contained within
the program is called a "Resource Id". You can manually lock
or unlock any Resource Id for a given employee or security group.
There a literally hundreds of Resource Id's within the program that
make-up the vast capabilities of ManageMore. We recommend you
to consider using the security groups as an easier way to grant
access to the program, rather than attempting to identify each
Resource Id individually.
If you need quick assistance with a certain field that you want
to prohibit employee access to, please contact our technical support
for immediately identifying the resources. Typically, the
resource description will be descriptive enough for you to
understand what feature is being locked/unlocked.
|
Q.10 Are there any other security measures I should consider beyond
those provided by ManageMore? |
A.10 As good as the security seems from within ManageMore, there
are always other areas that get overlooked by many companies that do
not put enough time, money and effort in security matters. The following
is a list of common security measures that should always
be done:
- Do not allow users to create passwords less than 4 characters
in length.
- Make sure that users only have access to the programs they need
on your computer network. Your administrator should remove programs
like MS Windows Explorer or any other File Maintenance utility which
allows users to gain access to the hard drive and easily delete or
copy your database without your knowledge.
- Consider disconnecting most floppy drives and CD-ROM drives from
workstations on a computer network. This eliminates the possibility
of users copying information from your computer or possibly infecting
your system with a computer virus.
- If you allow computers to connect to the internet or have internet
access throughout your network, strongly consider the purchase of
software firewall programs and commercial grade anti-virus applications
to protect from unknown intrusion.
- If you allow employees to receive emails, consider the elimination
of file attachments. They bring more headaches to a company
than its worth. ManageMore's Email Pro is a great commercial
strength email management tool and a better alternative to weaker
security prone mail browsers like MS Outlook Express.
- Periodically check out www.microsoft.com
for security updates and patches on their operating system, internet
browser and web server . Microsoft is constantly finding open
back doors and weaknesses in its products that can exploit your computer
network to outside hackers.
- Always backup your computer hard drive and have at least several
tape backups in constant rotation throughout the week. Also,
take one tape out of rotation and off premises periodically.
Performing computer backups is by far the most important of
all steps because it acts as a safety net in the event of a
major security breach.
- Read the security topic in the ManageMore User's Guide for
more information on securing your database.
|