STARK Version 5.1.35.XXXX Security Updates

This Help File Page was last Modified on 06/20/2018

<< Click to Display Table of Contents >>

Navigation:  Security & Access Management >

STARK Version 5.1.35.XXXX Security Updates

This Help File Page was last Modified on 06/20/2018

Welcome to the Summary Page which describes the major New Features for the Security & Access Controls section of MKMS Version 5.1.35.XXXX Release.

 

HelpFilesStark

 

This New Features Table contains three columns of data relating to each of these New features:

1.Program Module(s) Affected - This column lists the specific modules that were improved.

2.Chapter Links - This column lists of the link(s) to the chapter(s) where the previous instructions, illustrations and explanations have been revised to reflect the program changes and/or enhancements.

3.Description of the Enhancement - A brief explanation of the new features, functions and enhancements that have been added in this release with links to all of the affected chapters and some related chapters, also.

 

Understanding the New features Chart:

All of the Program Module(s) that are Affected are listed.

The Chapter Links are provided for finding the instructions, illustrations, and details on the operation and usage of the new feature(s).

A brief Description of the Enhancement is shown, sometimes with additional Chapter Links.

 

Program Module(s) Affected

Chapter Links

Description of the Enhancement

MKMS STARK

MKS Validate

An MKS Validate stand-alone Utility has been created with similar functionality to the Validate Database function within MKMS.

MKMS STARK

Employees

The keyboard's Insert (to start a new entry on an Employees Form tab with a Grid format), Delete (to remove an existing entry on an Employees Form tab with a Grid format); plus the Ctrl+S combination (for Save) have been implemented.

The Left and Right Arrow Navigation Keys will move the focus from one Employees Form tab to another has been implemented, as has the Ctrl+Insert combination to start a new record on the Employees Form;

 

 


MKMS STARK & MKMSCS UL

Security & Access Management

Central Station Monitoring

UL 1981 Third Edition

Installation Requirements

This chapter outlines the security related requirements of the Third Edition UL® 1981 Standard

Security & Access Management

Central Station Monitoring

Add/Delete Users

UL® Password and Username Requirements: As part of properly implementing the Third Edition UL® 1981 Standard, specifically for compliance with section 6.2 Sign-on Security of the Third Edition UL® 1981 Standard, the creation of Passwords is strictly defined.

Security & Access Management

Change Password

Add/Delete Users

When the UL® 1981 Version is Registered (i.e., Active), the Company Settings CheckULPasswordRestrictions option is set to True ("T") to comply with Section 6.2.6 relating to Password Restrictions in the Third Edition UL® 1981 Standard.

 

When the CheckULPasswordRestrictions option is set to True ("T") in Company Settings, the Password Requirement legend on the Change Password Form and the Add/Delete Users Form has been updated to more clearly identify those UL® requirements for password creation.

Security & Access Management

Central Station Monitoring

Change Passwords

Change Passwords:   Passwords must be created using the UL® Sign-on  Security requirements:

UL® Password and Username Requirements: As part of properly implementing the Third Edition UL® 1981 Standard, specifically for compliance with section 6.2 Sign-on Security of the Third Edition UL® 1981 Standard:

6.2.1 - The Employee's Password (i.e., Passcode) shall consist of the following:

a)A Username of at least six (6) characters

b)A Password which shall consist of a minimum of six alpha-numeric characters with at least one alpha and one numeric character

6.2.6 - The automation system shall prevent:

a)Repeated passwords, used within the last six changes;

b)Passwords that are a derivative of the user name(s); and

i.[e.g., Password cannot contain 50% of a Username so a User "Stacy" cannot have a Password of "STA3841"]

c)Passwords that are simply letters or numbers in order (e.g.: abcd, 1234, etc.).

i.[e.g., any type of sequence is prohibited such as 'ab', '34', '89', 'xy']

Security & Access Management

Employee Hired/Terminated

This is the new Employee Hired/Terminated report (documented to comply with the Third Edition UL® 1981 Standard) which provides a list of the Company's Employees is displayed in a functioning Grid dialog with an Employee Trace Form Title:

It provides a list of the Employees - retrieved based on their Hire, Termination, or original Entry Date - that is displayed in Grid format and so may then be viewed, sorted, filtered, reconfigured, printed, emailed, and/or exported.

Security & Access Management

Review Deleted Entities

A new Entities Drop-Down Selection List field has been added to the Review Deleted Entities Form where previously deleted Proposals were not included.

Entities - By default, All deleted entities (e.g., Invoices, Bills, Receipts, Proposals, etc.) will be listed based on the selected Filter type and Date Range.

oUsing the Drop-Down Selection List provided, you may also Choose to list only one type of Entity.

oIf Proposals are selected, you may Choose whether to list the deleted Proposals for Prospects (the default) or Subscribers.

 

The Restore option on the Review Deleted Entities Form can now restore Proposals including data entered in the Proposal Items, Recurring Items, Job Tasks, and Options tabs, when present.

Security & Access Management

Employees Form

Personal Tab

Security Tab

HelpFilesEmployeeFormPersonalTab-E-SignatureIcon

There is a new E-Signature field and E-Signature Icon (shown above) on the Personal Tab of the Employees Form that provides the ability to store an Electronic Signature for an Employees. The Electronic Signature dialog - where the Electronic Signature is actually created - is accessible by Clicking the E-Signature Icon.

This E-Signature Icon is only active when a User has been given the appropriate Access Rights to the Electronic Signature Form. 

These Access Rights are provided by including the Electronic Signature Form in the Employee Group to which the Employee is a member (in the Security Access Group field within the Security tab of their Employee Form), and/or by specifically adding the Electronic Signature Form to the User Access Rights Form for this User.

 

When entering the Employee's User Name in the Database User Name field in the Security tab of their Employee Form, if the CheckULPasswordRestrictions option is set to False ("F"), the UL® Password and Username Requirements Password Restrictions feature will be turned off.

Security & Access Management

Employee Groups

Password Field Access:

If your Company needs to restrict access to the Password field on the Central Station Data Form within the Monitoring tab, but still allow access to the other Fields on this Form, you may now simply remove the Check from the Password item in the Fields tab of the Employee Groups Form for the Central Station Form.

The result would be that no Employee assigned to this Employee Group would have access to that Password field.

In a similar manner, access to most of the other Fields on this Central Station Data Form may also be controlled.

 

Note: It is important to remember that when an Employee has specific rights assigned by using the User Access Rights Form, those rights granted or restricted by using the User Access Rights Form will override those granted or restricted on the Employee Groups Form!  

When restricting or granting any rights or access to a Form or a Field, be certain that those restricted or granted rights are not negated in the User Access Rights Form

Security & Access Management

Central Station Monitoring

User Login History

The new User Login History Report (designed and documented to comply with the Third Edition UL® 1981 Standard) will list those Employees who have attempted to, or successfully Logged Into the MKMS database (mkmsdefault.db).

Because this is a true Grid (see the Grids & Lists - Print Preview - Exporting Data chapter for much more information), it offers the Filtering, Configuration, Sorting, Printing, Emailing and Export capabilities that are inherently part of an MKMS based data grid

Security & Access Management

Central Station Monitoring

Employee Groups

The Employee Groups Form allows you to define which Access Rights will be available to the Employee (on a Form by Form basis) by assigning the appropriate Employee Group Code to that Employee.

Checking the Audit Access Right on all Forms assigned using the Employee Groups Form is mandatory for compliance with the Third Edition UL® 1981 Standard requirement.