Recommended MIS Security Settings



Similar documents
An online up-to-date version of this document is available on the Scomis Frequently Asked Questions website

IBM Campaign Version-independent Integration with IBM Engage Version 1 Release 3 April 8, Integration Guide IBM

EnterpriseLink Benefits

Active Directory Sync (AD) How it Works in WhosOnLocation

Adam Rauch Partner, LabKey Software Extending LabKey Server Part 1: Retrieving and Presenting Data

Sage CRM Connector Tool White Paper

Mitigating Risks and Monitoring Activity for Database Security

Implementing a Data Warehouse with Microsoft SQL Server

E-Gap Terms and Conditions of Use

IBM Campaign and IBM Silverpop Engage Version 1 Release 2 August 31, Integration Guide IBM

Leverage SharePoint with PSI:Capture

Best Practices: Extending Enterprise Applications to Mobile Devices

The PIRUS Code of Practice for recording and reporting usage at the individual article level

Microsoft. Course 20463C: Implementing a Data Warehouse with Microsoft SQL Server

East Asia Network Sdn Bhd

ABFAB and OpenStack(in the Cloud)

Hubcase for Salesforce Installation and Configuration Guide

Working with Structured Data in Microsoft Office SharePoint Server 2007 (Part1): Configuring Single Sign On Service and Database

Data Mailbox. support.ewon.biz. Reference Guide

BENEFITS OF MOBILE DEVICE MANAGEMENT

Implementing a Data Warehouse with Microsoft SQL Server

Update and Installation Guide for Microsoft Management Reporter 2.0 Feature Pack 1

Share Point Document Management For Sage 100 ERP

Client SSL Integration Guide

ICT SUPPORT SERVICES

Evaluation of different Open Source Identity management Systems

COURSE 20463C: IMPLEMENTING A DATA WAREHOUSE WITH MICROSOFT SQL SERVER

Implementing a Data Warehouse with Microsoft SQL Server

THE FIRST UNIFIED DATABASE SECURITY SOLUTION. Product Overview Security. Auditing. Caching. Masking.

Quick Start Guide. Contents. Quick Start Guide Version 1.0 webcrm November 09

Review Manager Guide

Setting up a Scheduled task to upload pupil records to ParentPay

Cashless Payments. An online management tool for schools. Key benefits

PSW Guide. Version 4.7 April 2013

Distributed File System Replication Management Pack Guide for System Center Operations Manager 2007

VIEWPOINT INTEGRATION

Asset Register Asset Care Plan Developer On Key Analytics Maintenance Manager Planning and Scheduling On Key Interface Tool

Feature. Auditing SQL Server Databases Using CAATs

General Practice Extraction Service (GPES)

Implementing a Data Warehouse with Microsoft SQL Server 2012

Authentication Integration

Deploying iphone and ipad Mobile Device Management

Kroger Supplier Information Management System (SIM) Training Documentation

IAPT Data Standard. Frequently Asked Questions

Authentication and Single Sign On

Web Site Download Carol Johnston

SAP Business Objects Security

Business Gateway vendor test guide

How to Order and Install Odette Certificates. Odette CA Help File and User Manual

AUSTRALIAN ENGINEERING COMPETENCY STANDARDS STAGE 2 -

Quick Start Guide. IT Management On-Demand

Upgrading a Microsoft Dynamics NAV 2009 R2 or Microsoft Dynamics NAV 2009 SP1 Database to Microsoft Dynamics NAV 2015

Managed File Transfer in Enterprise Java Applications

Implement a Data Warehouse with Microsoft SQL Server 20463C; 5 days

MassTransit Leveraging MassTransit and Active Directory for Easier Account Provisioning and Management

Synchronization Agent Configuration Guide

How to save money with Document Control software

How to Order and Install Odette Certificates. Odette CA Help File and User Manual

White Paper BMC Remedy Action Request System Security

Internet Services. CERN IT Department CH-1211 Genève 23 Switzerland

Mimecast Large File Send

Audit TM. The Security Auditing Component of. Out-of-the-Box

SAS IT Resource Management 3.2

SQL Server 2012 Gives You More Advanced Features (Out-Of-The-Box)

DIVISION OF INFORMATION SECURITY (DIS)

1 What Are Web Services?

Supplement to Gaming Machine Technical Standards Consultation

IBM BPM V8.5 Standard Consistent Document Managment

Capita SIMS Partner Development Support Charter

Service Agreement SURE Project Workspace

EDE Electronic Data Exchange Instructions April 2007

Capturx for SharePoint 2.0: Notification Workflows

Add User to Administrators Group using SQL Lookup Table

Content Protection in Silverlight. Microsoft Corporation

How To Use Directcontrol With Netapp Filers And Directcontrol Together

Service Overview CloudCare Online Backup

HR Onboarding Solution

Leveraging MassTransit and Active Directory for Easier Account Provisioning and Management

A Java proxy for MS SQL Server Reporting Services

Quick Connect Express for Active Directory

Using Query Browser in Dashboards 4.0: What You Need to Know

1 Introduction. Ubuntu Linux Server & Client and Active Directory. Page 1 of 14

Administering Group Policy with Group Policy Management Console

FINAL DoIT v.4 PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS APPLICATION DEVELOPMENT AND MAINTENANCE PROCEDURES

Guide to Configuring the UHU Wireless Network for Windows Vista

Transcription:

Recommended MIS Security Settings Page 1 of 7 Xporter Edition This information applies to all editions of Groupcall Xporter. Version Control Date Author Notes 1 2010-11-22 Tim Verlander 2 2010-11-23 Tim Verlander Highlighted impact of minimum settings on multiple extracts

Contents Xporter Edition... 1 Version Control... 1 Xporter Recommended MIS Security Settings... 3 Are the Recommended MIS Security Settings Safe?... 4 Page 2 of 7 Credentials... 4 Data Selection... 4 Data Agreement... 4 My Organisation Cannot Use the Recommended MIS Security Settings... 5 Identifying the Minimum Necessary MIS Security Settings... 6 Where can I go for further information?... 7

What is Xporter and why is it being installed? Groupcall Xporter is a versatile data extraction tool and can take information from a wide variety of systems, including the most common School MIS systems, and present it to other systems in a standardised format. Many companies choose to use Groupcall Xporter to extract data for their software in order to simplify the data extraction process by not needing direct access to the many different MIS systems in use. The company that supplied Groupcall Xporter to you has approached Page 3 of Groupcall 7 and provided us with a data specification, which Groupcall Xporter produces by querying your MIS system, and a secure upload mechanism, which Groupcall Xporter will use to transmit the data. Groupcall Xporter is used by a wide number of different vendors, including cashless catering, payment systems, library systems, attendance reporting software and local authorities. Xporter Recommended MIS Security Settings Because Groupcall Xporter is a versatile data extraction tool and provides data extracts for a very wide variety of systems the support requirements can be very complex and vary depending on what Xporter is being used for and where it is extracting data from. In order to simplify the customer setup and support experience Groupcall makes a recommendation on security settings for MIS access that provides a good balance of versatility, security, simplicity and supportability. The recommended MIS security settings for the two most common MIS systems are detailed below. If you are using a MIS system that isn t listed them please contact the Groupcall partner that provided you with Xporter for details of the recommended MIS security settings. For Capita SIMS.net Groupcall recommends the following group memberships for the user accessing SIMS: Personnel Officer School Administrator Senior Management Team Third Party Reporting For Facility CMIS Groupcall recommends use of the stud_admin schema, via the STUD_ADMIN user.

Are the Recommended MIS Security Settings Safe? The recommended MIS security settings for data extraction are designed to expose all information within an MIS for potential extraction by Xporter. Xporter security covers three areas: Credentials Xporter encrypts the password used to access the MIS system such that it cannot be used by anything other than Xporter. Page 4 of 7 Data Selection Xporter cannot arbitrarily access data, it only extracts what it has been scripted to obtain. Data Agreement Data agreements are a legal enforceable agreement (in the case of statutory data collection by Local Authorities data agreements may be implicit) between the Groupcall partner providing Xporter and the organisation that Xporter has been installed in. They specify the scope and purpose of data collection. An Xporter extraction will be designed to the specification of the Groupcall partner and will therefore comply with the data agreement.

My Organisation Cannot Use the Recommended MIS Security Settings If the requirements of your organisation do not allow use of the recommended MIS security settings then there are a number of options available to you: If the organisation does not allow one individual to hold the recommended MIS security settings then a dedicated account can be created for Xporter to use. This ensures that there is no sharing of MIS accounts and that the account is only used for defined Xporter extracts. Page 5 of 7 If the organisation does not allow MIS accounts that do not belong to individuals then Xporter can be configured to run using a SIMS account belonging to a specific person with the necessary security rights. In this configuration Xporter would automatically share the account with the individual it belonged to. If the organisation requires human intervention for data extracts then the data extraction can be executed manually by setting and clearing the Xporter MIS password value. This means that extracts can only be run under immediate supervision of an individual with the appropriate rights to SIMS and would not be able to run automatically. If the organisation requires the minimum necessary MIS security settings to be applied instead of the recommended MIS security settings then these can be identified and applied. This requires identification of the minimum necessary MIS security setting for each column in an extraction, including those used internally during generation, and then configuration of MIS security settings to support an aggregation of those minimum necessary MIS security settings.

Identifying the Minimum Necessary MIS Security Settings For any given extract there may be a smaller subset of the recommended MIS security settings that would allow successful data extraction. This subset is called the Minimum Necessary MIS Security Settings and is likely to vary for each extract configured. Because Xporter uses a single account to connect to an MIS this means that it will be necessary to aggregate multiple sets of Minimum Necessary MIS Security Settings into a single set of permissions in order to run multiple extracts. If an organisation requires the identification of the minimum necessary Page MIS 6 security of 7 settings then Groupcall can supply details of the columns being extracted from MIS to calculate and output an extract. Your organisation can then apply their local knowledge to identify and assign specific security rights. Please be aware that while Groupcall will support any customer using minimal security requirements, the following conditions apply to this: If an issue is investigated and the cause is identified as use of security settings other than the Recommended MIS Security Settings then the support time in identifying and resolving that issue may be chargeable. If an organisation wishes to engage Groupcall to identify the minimal security requirements for a specific report then this work may be chargeable.

Where can I go for further information? Groupcall recommends that, in the first instance, you should contact the company that supplied Groupcall Xporter to you as they will know most about their software, the data extracted and how the data is transmitted and used. Page 7 of 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information