Security Overview

Updated by Steven Garand

Security is based on Auth0, which is used by modern web-based applications such as Google and Facebook.
For added security, multi-factor authentication (MFA) is enforced. Specifically, 2-factor authentication (2FA), which is a type of MFA, is used. This requires something you know (your password) and something you have (your smartphone or tablet, for example).
If a separate smartphone or tablet is not an option, MFA can be set up on the same computer. This is not recommended unless necessary.
A new user has an automatically generated password, which is not stored and cannot be retrieved. The user also has an email status of unverified.
A new user must verify their email, negotiate the MFA process, and reset the password before gaining access to the application.
ARTSCO has no access to any passwords. If a user loses a password, they must reset the password to a new value.
A user designated as an owner has no restrictions and cannot be deleted. Only one owner is recommended.
Only ARTSCO can designate a user as an owner.
All users that are not owners must be assigned to a permission group which may restrict their access to some system features.
Permission groups may reduce the cost of a user. A user restricted to the administrative-only application is not charged as a user. A user with form-only access is charged at a small fraction of a user. A user with severely limited access can in some cases be negotiated at a reduced cost.
A detailed activity log of a user's history can be viewed.
A specific user's permissions can be viewed but not edited. Permissions for a user must be edited in the permission group the user belongs to. Edits apply to all users in this permission group, not just a specific user.
Permissions allow setting restrictions to system features. Restrictions are organized into groups and a user is assigned to one of these groups.
A list of all users assigned to a particular group can be viewed.
A permission group has a list of system functions (Types) which allow user access of that type to 1.) all, 2.) some, or 3.) none.
A Type of 'some' can be further broken down to allow the user to 1.) View, 2.) Edit, 3.) Add, 4.) Delete, or access a list of values (Filter).
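
The permission model described above (owner bypass, rules held on the group rather than the user, and Types set to all, some, or none), sketched as an added Python example that is not ARTSCO's code. The class and function names, the default deny for unlisted Types and ungrouped users, and the reading of Filter as an allow-list of values are assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional

ACTIONS = frozenset({"view", "edit", "add", "delete"})

@dataclass(frozen=True)
class TypeRule:
    level: str                                   # "all", "some" or "none"
    actions: frozenset = frozenset()             # consulted only for "some"
    filter_values: Optional[frozenset] = None    # assumed allow-list (Filter)

@dataclass
class PermissionGroup:
    name: str
    rules: dict = field(default_factory=dict)    # Type name -> TypeRule

@dataclass
class User:
    name: str
    is_owner: bool = False
    group: Optional[PermissionGroup] = None

def is_allowed(user, type_name, action, value=None):
    """Decide access from the user's group, never from per-user settings."""
    if action not in ACTIONS:
        raise ValueError(f"unknown action: {action}")
    if user.is_owner:                            # owners have no restrictions
        return True
    if user.group is None:                       # assumption: fail closed
        return False
    rule = user.group.rules.get(type_name, TypeRule("none"))  # assumed default
    if rule.level != "some":
        return rule.level == "all"               # anything else is denied
    if action not in rule.actions:
        return False
    # Assumption: a Filter limits access to the listed values; fail closed.
    return rule.filter_values is None or value in rule.filter_values

# Constructed sample data, not taken from the product.
CLERKS = PermissionGroup("Clerks", {
    "Reports": TypeRule("all"),
    "Invoices": TypeRule("some", frozenset({"view", "add"}), frozenset({"East"})),
})
OWNER = User("owner", is_owner=True)
CLERK = User("clerk", group=CLERKS)
```

Because every decision is read from the group, changing a rule in `CLERKS` changes the outcome for every user assigned to it, which is the behavior the page describes for permission edits.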

Actions

  1. Users
  2. Restricted Access For Users

