Just a closing thought as i go for my weekend, though will be back tomorrow for a bit in teh morning.
With a cloud MIS for security you really want to have dual-factor authentication. It's just too risky not to, right? Attempts at enforcing strong passwords, just force the user to write it down, usually somewhere obvious, in clear text, with a big label that says use this for 'XYZ MIS' (yes that popular product rears it's head again!)
I'm just wondering, how do you then get third party apps and providers to connect to the system?
Anyone with experience or thoughts?
For example, we have in-house SIMS, so my add-ins either have credentials passed in at run-time or stored locally on a server here, and they talk to eachother within the confines of my network.
How does this work, if the MIS is in the cloud, and all staff are using dual factor? How does the third party or automated system authenticate in a way that's dual factor?