Using SART - Database Security & File Security and Backup

 

Database Security

Access to the SART application is restricted to users with defined user accounts only.  Each user account is a member of a role-based user group.  The Sart application has been configured with four standard user accounts and a user management utility.

The standard user accounts are adequate for most purposes and should only be changed in situations where the standard security model does not meet access requirements, e.g. a large number of users.

Groups:

Admins

A single administrator account will be supplied with the SART application.  This account is intended for configuring the application only and should not be used to run the application day to day.  If the standard password is changed, make a note of the new password and keep it in a safe place.  This is the only account that can be used for database administration so the details need to be secure.

Data Readers

Allows read-only access to all data and reports.

Data Writers

Unrestricted access to all data and reports.

Reports

No access to employee records.  Can run summary reports only.  This account is useful for analysing absence statistics.

To Top

User Management Utility

This utility can be used for adding new accounts or resetting a password.  Only the administrator account can be used to open and run this utility.

From the main SART menu switchboard, select Database Admin Utility then Users and Security.

This will open the form shown below:

img002

 

To Top

The User Accounts form is split into two sections, Users and Password Reset.

 

Adding a new user:

In the Users section,  click the New User button,  the new user form will appear.

img004

Complete the form as follows

User Name:

Up to 20 characters.  The following should not be used “ \ [ ] | < > + = ; ’ . ? *

User ID:

A unique identifier for the user account.  This is not the same as the password.

Group

Select one of the groups from the drop-down list.

img006

Click Apply to save the account.

IMPORTANT NOTE: Make a note of the new account details and keep them in a safe place.

To Top

Deleting a user account

Select the account to be deleted from the users drop down then click the delete button. 

Password Reset

New user accounts are set up with a standard password.  A password can be forced or changed using the Password Reset utilty as illustrated in the screen below.

img008

Passwords must be four or more characters in length.  The following characters should not be used “ \ [ ] | < > + = ; ’ . ?

System Security and Backup of the SART database files

Besides the built in security and passwords used in SART to control authorised users, steps can (and where possible should) be taken by you, or where appropriate your Organisation's IT department, to limit access to the SART files only to authorised users. This can be done through the use of appropriate access permissions, provided by your workstation or network operating system. Using access control, files and folders on your workstation or network can be restricted just to certain users. The exact control and operation of these features will be dependent on the operating systems and security policy and procedures in place for your company. You are strongly advised to implement these additional controls either yourself or through the IT support available to you.

SART data file backup

The SART database files should be backed up regularly as part of a normal backup/data-recovery routine that should be used by your organisation, so that you dont lose data in the event of a corrupt or failed IT system. If the front-end and back-end files are located on a network drive these may well be backed up by your IT systems as part of a regular routine, and the copies kept off site. You are strongly advised to make suitable arrangements to regularly copy the SART files to backup media, or, where applicable, to contact your IT department to confirm or to make suitable arrangements.

For some measure of local protection it is possible to make a compressed or "zipped" copy of the back-end data file in the folder where SART is located by running the batch file sartfbu.bat. This will create the file SARTBE.zip, that can then be copied/backed up and stored elsewhere. The batch file sartfbu.bat will be recreated each time the database is re-linked so as to reflect the latest location of the database.

This limited back-end copy feature cannot replace a proper backup routine, and if you are using the SART for the management of Sickness Absence data for your organisation you are strongly urged to ensure proper security and backup measures are in place if you will be updating the SART database.