Security Methods & How They Work
Security Methods, Audit Trails, Roles Permissions
Calibration Control (our Calibration Management Software) has measures and options to help you maintain the security and integrity of your data. The User Roles can help you place restrictions or grant permissions to various users accessing your database.
When using a MS SQL Server database in Calibration Control, the built-in SQL Server and Windows authentication will keep the database protected. Otherwise, when using MS Access the database file (apecal.mdb) can use an encrypted database password.
Audit all field and label changes which are tracked in the Change Log grid found in the Data Grids tab of the ribbon menu. It records time and date, user name (if signed in), the screen where the changes were made, machine (computer) name, and the detail of the change. The change detail includes field names and before/after data.
Check Out Log
All history of job records and tool activity with the Check Out activity dialog is recorded in the Check Out log found in the Data Grids tab of the ribbon menu. It records the time and date of both check in and check out actions, the increment, the Equipment ID. The Check Out log also records Machine name, Created date, and Created By User name. If applicable, log shows the name of the Person for the Check Out, the Reference information, and Status Changed To value, if applicable. Set the requirements for Check Out in program Options.
Mail Activity Log
All history of Auto-Notifications scheduled to send automatically or manually triggered Emails are logged in detail in the Mail Activity log, found in the Data Grids tab of the ribbon menu. View the history log for emails sent from the database, when, and from whom. The Mail Activity Log records the Auto Email Event and Dialog name, Sent date, Recipient Emails, CC and BCC Email Addresses, Content Subject Bar, Signature File Name, Email Body, User name, and Person name.
Activate User Authentication (Sign-In Mode)
Administrator Role Privileges
Administrators have full access to all parts of the application that require any level of security. An Admin can create Users and change the Role privileges of Users, including other Admins. Administrators cannot remove themselves from being an Admin while User-Authentication mode is activated; one Admin must remove the Admin privileges of another. This is a safety feature to ensure there is at least one Admin while the application is in User Authentication mode.
When an Administrator creates or changes the password for any User other than themselves, that User can be given a temporary password to change once they sign in for the first time. Use the Password Security Dialog page for help in implementing and adjusting Password Security methods.
There are pre-defined Permissions for specific areas of the application that require a given level of security. Although each Permission has a default minimum User Role, Administrators can change the Role of any of the Permissions. Non-admins can view the Permissions grid but cannot make changes.
Pre-Defined Security Roles
There are six pre-defined security roles, which are Administrator, Super User, Supervisor, Technician, Layouts, and No Role (Read-Only User). In addition to a Role, a User can be assigned as a Terminal User, which means they can only use the limited CC Terminal Mode.
Hierarchy of Roles and Permissions
Read-only users with No Role assigned can view, print, and export any information within the database. All of the User Roles have the same privileges of the read-only users with No Role, in addition to the following:
- Administrator: Highest role can change the work environment, security, and edit Users. Admins have ability to Change Product Key; Modify Security Options; Disable Sign-In Mode; Modify Feature Visibility; Modify minimum Roles required for specific Permissions.
Super User: Second highest role has all permissions of any Role other than the Admin. Can change most Options and set rules, (except Security and Feature Visibility Options. Cannot edit other Users.) Can edit Auto Notifications, Codes, Dashboards, Confirm Standards settings, Backup MS Access Database, use File menu to Open Files/Settings/Data Folders, Show Fields settings.
Supervisor: Third highest role shares all permissions of lower roles. Can approve calibrations and work orders, remove links between records, edit and delete records. Has permission to edit some settings in program Options.
Technician: Can create and edit records of equipment, calibrations & measurement groups and link standards used, but cannot edit the Cal Technician Name (added automatically) or the final status of the Calibration. Can use Asset Transfer, Record Jobs in Check Out, and use Status Change. Can create and edit and link most data records. Has permission to delete Attachments, Calibration Templates, or Equipment Type records.
Layout: Can make application layout changes relating to the look and feel of the database appearance in the software.
Last Updated: 12 January 2023