Security Methods - How They Work
When using a MS SQL Server database in Calibration Control, the built-in SQL Server and Windows authentication will keep the database protected. Otherwise, when using MS Access the database file (apecal.mdb) can use a database password.
Activating User-Authentication (Sign-In Mode)
Any user can activate User-Authentication mode after ensuring at least one active User has Admin privileges. Only a User with Admin privileges can deactivate User-Authentication.
What an Administrator Can Do
Administrators have full access to all parts of the application that require any level of security. An Admin can create Users and change the privileges of any other User, including other Admins. Administrators cannot remove themselves from being an Admin while User-Authentication mode is activated; one Admin must remove the Admin privileges of another. This is a safety feature to ensure there is at least one Admin while the application is in User-Authentication mode.
Administrators and Passwords
When an Administrator creates or changes the password for any User other than themselves, that User will be required to change their password the next time they sign in. Use the Password Security Dialog page for help in implementing and adjusting Password Security methods.
There are six pre-defined security roles, which are: Administrator, Super User, Supervisor, Technician, Layouts and No Role (read-only user). Although these Roles cannot be changed, Admins and Super Users can change which Role has access to which Permission. In addition to a role, a user can be a Terminal User. This means they can only use Calibration Control's Terminal Mode.
Hierarchy of Roles
A User with no Roles assigned can see, print, and export any information within the database. Each of the other Roles has the privileges of a User with no Role in addition to:
Administrator: Can do anything that requires security.
Super User: Can do anything an Administrator can do
except add or edit Users.
Supervisor: Same authority as Technician and
Production, can also edit Technician Name and Status of calibration
records, and can remove relationships between Equipment and Jobs.
- Technician: Can create and edit equipment records. Cannot edit the Technician Name (added automatically) or the Status of calibration records.
- Layout: Has the authority to make most application layout changes relating to the look and feel of the database.
- Supervisor: Same authority as Technician and Production, can also edit Technician Name and Status of calibration records, and can remove relationships between Equipment and Jobs.
- Super User: Can do anything an Administrator can do except add or edit Users.
There are pre-defined Permissions for specific areas of the application that require a given level of security. Although each Permission has a default minimum Role, Administrators can change the Role of any of the Permissions. Non-admins can only view the Permissions grid but cannot make changes.
All field and label changes are tracked in the 'Change Log' grid found in the Data Grids tab of the ribbon menu. It records time and date, user (if User-Authentication mode is activated), the screen where the changes were made, machine (computer) name, and the detail of the change. The change detail includes field names and before/after data.
Last Updated: 18 March 2021