+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 29
MIS Systems Thread, SIMS.net change request in Technical; Apologies if this is in the wrong place, I am new here. Why we cannot do this already absolutely baffles ...
  1. #1

    Join Date
    Feb 2009
    Posts
    12
    Thank Post
    3
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    SIMS.net change request

    Apologies if this is in the wrong place, I am new here.

    Why we cannot do this already absolutely baffles me but...

    I have logged a change request with Capita regarding data tracking in SIMS. We have recently experienced an issue whereby someone has put some incorrect data into SIMS and are quite keen to find out who it was in order to approach them and, if neccessary, retrain them in how to do it correctly.

    Basically someone had entered an absence in incorrectly which has potential ramifications, however this has got me thinking, what would stop a student accessing a workstation with SIMS on it, and modifying pieces of SIMS, or worse still, obtaining a member of staff password, surely this would would enable the administrators to be able to spot potential training issues, and also (and more importantly) potential security breaches.

    I would appreciate anyone that feels the same if they could take a look at the change request and vote on it.

    Change Req. Number: 1202-1043439

  2. #2

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,044
    Thank Post
    374
    Thanked 373 Times in 304 Posts
    Blog Entries
    8
    Rep Power
    177
    What is it the change request is looking to provide?

    As with all of this, user training is key, a reminder of Win + L

  3. #3

    Join Date
    Feb 2009
    Posts
    12
    Thank Post
    3
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I am looking at this simply being able to tell an admin who entered what information.

    I would have thought it would be good practice to be able to have an trail for situations such as this.

    I completely agree with the win key + L, but I have seen staff accidentally type their passwords in the username field before now, and students have seen it.

    I simply look at the situation as either 1. a student can see a password and start causing mayhem and the only sure way to ensure they cannot get in again is to change all the passwords, or 2. an admin can track it back to a specific user, change just their own password, and there is no major panic.

    Maybe I am being a mug, but this all makes sense in my head

  4. #4
    paul's Avatar
    Join Date
    Jun 2005
    Location
    Preston
    Posts
    170
    Thank Post
    2
    Thanked 12 Times in 8 Posts
    Rep Power
    21
    Attendance is already auditable using the Reason for change routine Routines | Attendance (Lesson Monitor | Edit Reason for Change. This will highlight any unexpected changes of marks i.e changing a / (present) to a I (illness)

  5. #5

    Join Date
    Feb 2009
    Posts
    12
    Thank Post
    3
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    The issue I am experiencing personally is with a member of staff rather than a student.

    Basically we have had a member of staff that has been entered as having leave which they are not entitled to, we would like to know who entered it so we can check if it was accidental etc.

  6. #6
    apeo's Avatar
    Join Date
    Sep 2005
    Location
    Lost
    Posts
    1,612
    Thank Post
    95
    Thanked 115 Times in 111 Posts
    Rep Power
    42
    I've voted for it but if it ever gets implemented (probably not) it will likely create additional overhead. I too have always wondered why we dont have a way to audit users via SIMS given how much sensitive data is recorded.

  7. #7

    creese's Avatar
    Join Date
    Feb 2009
    Location
    -28° 31' 48.89", +28° 25' 37.42" ... if only.
    Posts
    3,253
    Thank Post
    181
    Thanked 375 Times in 304 Posts
    Rep Power
    174
    Having been involved with Change Request Days with Capita, this changed has been rejected a number of times. Reasons being that the log would be huge and unwieldy due to the number of transactions in SIMS.

    There is a log for Attendance and one in Primaries for Dinner Money at present. I know the Dinner Money log is large and wouldn't want to have to trawl through a 'general' log. Especially if you don't know the date it was amended, erased, added etc.

  8. #8

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,410
    Thank Post
    368
    Thanked 639 Times in 521 Posts
    Rep Power
    158
    Also this would only report on the staff users account that has been "hacked". I suggest to download the SIMS permissions spreadsheets and check who has access rights to add absenses, this should be only a hand full of people - ie the HR person and the person who does cover, when you add cover it (can?) add it to the personnel record (such as training). Those people should be limited to static desktops computers where they are physically secure, ie someone will notice if a student walks into the PA room. It may be possible that the cover person could be a teacher and using a laptop - so if they're not very lock computer friendly, maybe look at creating two SIMS login accounts - one for classroom use and another for Cover duties - just a thought. Similar idea to what all technicians do, they have a work-work account and a work-administrator account.

  9. #9
    apeo's Avatar
    Join Date
    Sep 2005
    Location
    Lost
    Posts
    1,612
    Thank Post
    95
    Thanked 115 Times in 111 Posts
    Rep Power
    42
    Well question asked and answered, thanks creese. Come to think of it now that you mention it I do remember reading about this LOL. Memory is not quite what it use to be.

  10. #10
    Sivadam's Avatar
    Join Date
    Feb 2009
    Location
    Dronfield - Derbyshire
    Posts
    1,449
    Thank Post
    136
    Thanked 208 Times in 175 Posts
    Rep Power
    55
    I have voted strongly against for the reasons already explained in a previous post.
    I have attended a number of Software Consultation meetings where this and similar CRs have been discussed and rejected. It simply is not practical.
    In vital areas like P7 there are built in safeguards provided by the System7 Permissions Groups which all schools should be aware of.

  11. #11

    vikpaw's Avatar
    Join Date
    Sep 2006
    Location
    Saudi Arabia
    Posts
    5,974
    Thank Post
    674
    Thanked 1,384 Times in 1,146 Posts
    Rep Power
    350
    I'm voting for. Other systems out there provide auditing, and i'm sure if they wanted to they could find a way to archive the logs or overwrite them after a set period. It shouldn't be that much of an overhead.
    Anyway, that's for the software developers to deal with, not for us as end users to say, well it creates an overhead and slows the system down. We should ask for what we want, so they have it on the agenda and try to think up ways to improve it.
    It is key data we're storing and security is key, in all the ways mentioned above, but some kind of audit would be useful. This crops up in so many areas, attendance, behaviour etc.

  12. #12

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,044
    Thank Post
    374
    Thanked 373 Times in 304 Posts
    Blog Entries
    8
    Rep Power
    177
    Banking systems for example provide full audit trails of all changes... and they are some of the best in the world... just saying!

  13. #13

    Join Date
    Nov 2011
    Posts
    12
    Thank Post
    3
    Thanked 3 Times in 2 Posts
    Rep Power
    6

    Audit trails

    Quote Originally Posted by GREED View Post
    Banking systems for example provide full audit trails of all changes... and they are some of the best in the world... just saying!
    I worked for a bank & the audit trails are excellent. I will vote strongly agree, because we are a very large school & have issues with people amending students details incorrectly, there is no way of finding out who or why. Although I understand that the audit log would be very large, I feel in the 21st Century this really should be achievable, we are dealing with the records of children & protecting their data should be the highest priority.

  14. #14

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,044
    Thank Post
    374
    Thanked 373 Times in 304 Posts
    Blog Entries
    8
    Rep Power
    177
    When you consider SQL transaction logs are doing more or less just this, on a shorter term basis there must be ways of using these as the interrigation of changes made (obviously not month or years).

  15. #15

    creese's Avatar
    Join Date
    Feb 2009
    Location
    -28° 31' 48.89", +28° 25' 37.42" ... if only.
    Posts
    3,253
    Thank Post
    181
    Thanked 375 Times in 304 Posts
    Rep Power
    174
    Quote Originally Posted by GREED View Post
    Banking systems for example provide full audit trails of all changes... and they are some of the best in the world... just saying!
    To be fair to Capita, someone has to be :-), Banks don't have to prioritise government changes every few months and then incorporate them into these logs... in a meaningful way. Don't forget, every school doesn't have the people with the knowledge or ability to interrogate these logs.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. [SIMS] SIMS.Net Active Directory Integration
    By robknowles in forum MIS Systems
    Replies: 29
    Last Post: 4th October 2011, 02:54 PM
  2. [SIMS] Sims Analysis - Change request to vote on please
    By BatchFile in forum MIS Systems
    Replies: 7
    Last Post: 29th July 2010, 02:20 PM
  3. Replies: 2
    Last Post: 12th June 2010, 06:37 AM
  4. If your board Vote for my SIMS Change Requests
    By Stuart_C in forum MIS Systems
    Replies: 1
    Last Post: 15th September 2009, 10:42 AM
  5. SIMS change requests - Vote please!
    By park_bench in forum MIS Systems
    Replies: 4
    Last Post: 30th October 2008, 11:58 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •