Unanswered Active Topics Forums Search

Forums > EMu Administration > EMu Registry Subject: access control

Prev Next

You are not authorized to post a reply.

Author Messages Oldest First Newest First nancy jackson Posts:3 25-12-2008 4:39 AM Alert  Hello. My institution is just launching emu. Like the old one, it has access control. In the old system, everyone who enetered data dn cataloged was listed in the access control. This included volunteers, work/study students, and interns, as well as staff (past and present). For this new Emu system, our IT person doesn't want to list everyone. Anyone who is going to be working less than a year or less than 8 hours a week is to be put under general headings of user1, user2, etc. Personally, I see this as aproblem. We're going to have to keep track of people on paper for years. There will be issues with permission rights for different people. It will not provide accurate information in data entry over time for audits. I was wondering what the rest of you do in these situations? Thank you for your guidance. DucPhong Nguyen Posts:17 26-12-2008 1:12 AM Alert  At our museum, the National Museum of the American Indian, having unidentifiable generic accounts is not allowed per Federal Information Security Management Act (FISMA). We do have some generic accounts but they are associated with real individuals, i.e. a visitor account is "owned" by the Collections Manager. I suggest that you first discuss with your IT staff regarding their rationale behind wanting to keep generic accounts, i.e. to simplify account management process. I certainly can understand the annoyance of having to reset account passwords for a contractor who comes in once every few months. But my minor annoyance is trumped by institutional policy. In addition -- although I am by no means an expert in this area, others on the forum will be -- if your institution is AAM accredited, you are required/expected to have proper documentation regarding inventory control. Hopefully you can convince your IT staff how critical it is to have proper identification of each individual who has read/write access to the system. Good luck, Ducky (NMAI)
You are not authorized to post a reply.	EMu-l Archive --EMu-l Archive EMu Community --EMuUsers.Org News and Feedback --EMu Users Organising Committee --General EMu Community Discussions EMu Development --EMu Design --Catalogue --Parties Module --Web Development --Conservation Module --Multimedia --Taxonomy module --Thesaurus Module --Transactions Module --Locations and Internal Movements --Sites, GIS/Mapping, Geography --Narratives Module --Events Module --Ethnology/Archaeology --Bibliography --Accession Lots --Statistics Module --Digital Asset Management in EMu Using EMu --General EMu Use --Crystal Reports --Alternatives to Crystal Reports EMu Administration --EMu Registry --Admin Tasks & scripting --Tips & Tricks --Data Quality Project Management --EMu Implementation Projects --User Support Texpress --General Texpress questions
Forums > EMu Administration > EMu Registry > access control

ActiveForums 3.6