MIS Systems Thread, Cashless Catering Permissions in Technical; Absolutely!...
6th May 2014, 12:13 PM #16
6th May 2014, 12:17 PM #17
I hope you didn't create the SIMS account @Steve21!! It's important that steps like @PhilNeal has stated are followed, this how vulnerabilities occur, you shouldn't assume that it is secure just because only you know the password! Just look at Heartbleed, just because large companies like Google assume something is secure does't mean you should. Far as you are aware the schedule task is sucking all the data out all your data then the application is uploading to some server in China. Limiting the scheduled tasks\application isn't going to stop that, but it will at least limit the amount of damage that it could cause. It's not like it's difficult either, few clicks and you've gone from potential releasing an entire schools information - everything from SEN data, to staff bank details and everything inbetween - to a heck of a lot less (still not great of course)
6th May 2014, 12:26 PM #18
Nope not myself Matt, but guess my point being a lot of these services need higher than normal permissions (ok maybe not sys etc), but as an example Emerge wanted:
• Personnel Officer
• School Administrator
• Senior Management Team
• Third Party Reporting
6th May 2014, 12:43 PM #19
It would be interesting to know why they need each of those access rights.
By Reado10 in forum Hardware
Last Post: 10th February 2014, 09:41 AM
By ninjabeaver in forum How do you do....it?
Last Post: 29th July 2011, 08:59 PM
By Sylv3r in forum Windows
Last Post: 11th July 2011, 09:07 PM
By pete in forum Hardware
Last Post: 2nd November 2010, 04:54 PM
By mbird in forum Blue Skies
Last Post: 28th May 2010, 10:41 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)