Frequently Asked Application Security Questions
Does your solution limit access by user ID and password?
Does your system offer restricted access based on user ID and/or group?
Can you display and/or print the audit trail of the user access log?
Can you require users to change their password on a specified periodic basis?
Can you generate a user activity report with different parameters?
Are user passwords encrypted?
Is there a lockout function after a specified number of unsuccessful logon attempts?
Does your system support alphanumeric passwords?
What control does the end user have over their passwords?
Does your solution limit access by user ID and password?
Yes. Both the Enterprise Platinum and Gold edition of PMAPS®, the versions where users can make edits to the data, requires full authorization using a user name and password. Within this version there are three major levels of entitlement into the application: Administrator, Supervisor and Basic User.
Our Web Read-Only version (“a self-service portal”) of the software allows any employee, who has access to company Intranet, to access the data in PMAPS® …but on a read-only level. There is no user ID or password required for this version but users must have rights to the company Intranet so the password sign-on at the network level is what determines access. All data files in this version are XML.
return to top
Does your system offer restricted access by user ID and/or group?
Yes. See above answer. In addition, editing rights to different portions of the database may be restricted by line of business dependent on the sign on ID.
return to top
Can you display and/or print the audit trail of the user access log?
Yes. PMAPS® tracks and creates full, comprehensive reports on all user activity including time on system, time per proposal, time per month, which specific modules are being used, and many more.
return to top
Can you require users to change their password on a specified periodic basis?
Yes. The PMAPS® Supervisor has the ability to set how often the users must change their passwords.
return to top
Can you generate a user activity report with different parameters?
Yes. PMAPS® tracks and creates full, comprehensive reports on all user activity including time on system, time per proposal, time per month, which specific modules are being used, and many more parameters.
return to top
Are user passwords encrypted?
Yes, but a PMAPS® Supervisor can access and reset them. No involvement from the client’s IT team is required to create, edit or delete any user information in PMAPS®. After a Supervisor resets any passwords that user is prompted to change their password the next sign-on.
return to top
Is there a lockout option after a specified number of unsuccessful logon attempts?
The user has three opportunities to enter the correct user ID and password to the application before being denied access and the application exits.
return to top
Does your system support alphanumeric passwords?
Yes. The password field must contain both characters and numeric data with a minimum length is (8) characters and a maximum of (25).
return to top
What control does the end user have over their passwords?
The end user has the ability to create their own passwords and change them whenever they wish. However, the Supervisor can remove users and force recreation of their passwords.
return to top |
