MIS Systems Thread, SIMS AD intergration - Put a password in a second time? in Technical; Same Sign On, yes @ vikpaw thats exactly it.
@ matt40k I'll tell them! The bigger point is not so ...
5th September 2012, 12:53 PM #16
Same Sign On, yes @vikpaw thats exactly it.
@matt40k I'll tell them! The bigger point is not so much the technology, but it being used to secure as best as possible the general joe bloggs who is inherently insecure with their management of data, passwords and leaving their laptop logged in on the bus to be lost! If you are in on one system on the traditional SSO, you have access to EVERYTHING... as opposed to have just one system that has been compromised...
5th September 2012, 01:41 PM #17
EVERYTHING is true, but that's if your system is physically compromised, i.e. left logged in and available.
If your password gets lost, left on paper, socially engineered, etc. then you're hosed anyway.
This SaSO idea is growing on me. At least it's less to remember.
Can't wait for Google's MIS to hit the streets.
Thanks to vikpaw from:
GREED (5th September 2012)
5th September 2012, 07:12 PM #18
Right, remember that SaSO was my term for the record... when it becomes the new buzz word...
6th September 2012, 10:04 AM #19
- Rep Power
Editing the connect.ini file to the following will require user to enter AD password again
2 Thanks to paul:
FN-GM (6th September 2012), zag (11th September 2012)
6th September 2012, 10:06 AM #20
Thanks, this is what i want
Originally Posted by paul
6th September 2012, 10:07 AM #21
...Or click on the "Current Windows User", then ok...
6th September 2012, 10:31 AM #22
But thats not what we want. Thanks
Originally Posted by matt40k
6th September 2012, 10:40 AM #23
That's all it does. So no go.
Originally Posted by matt40k
6th September 2012, 10:42 AM #24
Thanks to vikpaw from:
GREED (11th September 2012)
6th September 2012, 05:33 PM #25
We decided to use AD inegration. Our discussion was that there is enough confidential info on the network anyway if a pupil gets a staff members password the damage is already done as the staff were prety much using the same passwords for both.
What we have done is made SIMS easier to use and tried to remove technological restrictions staff were hiding behind to avoid using it. I don't disagree with the arguments against it, they are valid. We just took a different approach. There has to come a point when responsibility lies with the end user, the more tech barriers we stick up to be secure the more barriers there are to people using it. It's a fine line, I know.
Thanks to Stuart_C from:
matt40k (6th September 2012)
6th September 2012, 05:34 PM #26
I realise the last post was OT ish. No I don't know how to do what @FN-GM wants. I don't think you can as far as I am aware.
6th September 2012, 08:43 PM #27
Spot on Stuart!! Teachers are professionals and should be treated as such, they are capable of locking their laptop and you shouldn't create unnecessary barriers because a few are, in your opinion, an idiot. Even if you are right lol
11th September 2012, 09:58 AM #28
While all arguments are true, the unfortunate reality is when security is breeched, everyone is quick to point the finger, usually in the direction of IT, the software, in fact anyone but themselves or staff who choose not to follow basic rules and lock the computer!
I cannot say I agree with the 'there is enough confidential info already on the system'... surely that should be highlighting ANOTHER issue, not as a reason 'not to bother any further'? I'm not disagreeing with your decision that is fine... just worried by the reasoning!
11th September 2012, 10:33 AM #29
Graham, by your logic, you would need to close your browser when leaving your machine unattended and have it set to purge the cache each time you close it. Unfortantely, it doesn't happen.
Admittly your Team HTML5 and @PhilNeal is in Team App and your trying to sell the extra login as a security feature. Just incase anyone hasn't noticed
11th September 2012, 12:03 PM #30
Not quite. I am suggesting that PCs are still locked. This is the most secure method for securing a workstation, not just for the benefit of the MIS but all information. Although loggin out and/or closing browser (closing the session is Aspen logs you out) is not a bad point -would you leave you online bank page open on a public library PC (anyone who responds with 'I wouldn't use a public PC for banking'... feel my wrath!)?
My suggestion here though is using this concept of 'auto-logging in' to save time on passwords is flawed. It is as bad as having your password on a sticky note on your monitor. It takes one time forgetting to lock the PC (we all do it), and the little buggers will have access not just to what is open, but everything else too. What about leaving the laptop on a bus? Now with SSO (the traditional thought of SSO), finder now can get at all your linked accounts. Left laptop on bus with just windows logged in, and they can auto login to SIMS (Well, in theory, if SIMS were web based ) With SaSO (remember, Same Sign On... my term, trademarked!) they would need to know your password, so there is that additional layer of security protecting systems. And what is the downside: Wow, I have to put my SAME username and password in again, something most do a couple of times a day for years.
By j17sparky in forum MIS Systems
Last Post: 31st August 2012, 01:14 PM
By oxide54 in forum MIS Systems
Last Post: 21st December 2010, 07:59 PM
By zag in forum MIS Systems
Last Post: 14th February 2010, 07:57 PM
By Jake in forum MIS Systems
Last Post: 29th September 2008, 02:31 PM
By timbo343 in forum Windows
Last Post: 20th March 2007, 05:04 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)