CommitCRM Business Automation for successful ITs

April 22nd, 2019, 03:35 PM
Posts: 15

We have a situation where we would like to restrict a user from accessing all passwords, except a few.

We generally have two types of users, Trusted and Untrusted. Trusted are people who have been with the company a long time and have access to all passwords (these are sysadmins in CommitCRM).

This is what is working so far (please let me know if there was a simpler way to do this):
* We assigned a token called UNTRUSTED to the untrusted user
* We assign a token to every account we have, titled TRUSTED. (Account security settings - User must have at least one) [Since our trusted users are sysadmins, they have access to all tokens and are able to see these account passwords.]
* For the accounts we want an Untrusted user to have access to, we apply the UNTRUSTED token to the account.

Is there a better way to have done this?

This works great, but is very hard to audit. Is there a way to dump the accounts/tokens to a file or something so we can easily audit this?
April 22nd, 2019, 03:38 PM
Posts: 15
Note, I am using the Advantage Database.
April 23rd, 2019, 06:02 AM
CommitCRM Support
Posts: 6,934
Thank you for posting this and for such a detailed explanation of your workflow!

Indeed the method you use, i.e. security tokens for passwords is the way to go.

As tokens are used to protect a specific Account or Password, you could only mark such Accounts with the TRUSTED token and keep all other Accounts "not-protected", i.e. without a security token. In any case, the way you implemented it is also great.

As printing the Accounts list with their security tokens is not currently an option, you may consider using another field, for example, one of the fields under the Account Details tab and set its value to TRUSTED/UNTRUSTED. Although it will require updating the same security value in two places, this will allow you to filter the Accounts by this field, add the column with this field in the Account list and more. Not ideal but an option to achieve that.

Hope this helps and thanks for asking!
April 23rd, 2019, 10:42 AM
Posts: 15
Thank you, is there a way to make new accounts, by default, have the TRUSTED criteria?
April 23rd, 2019, 11:59 AM
CommitCRM Support
Posts: 6,934
You're welcome. A default list of security tokens for new accounts is an interesting idea. I believe that we haven't heard about it before and I will add a feature request for it so it'll be evaluated. Thanks for asking.

Thread Tools Search this Thread
Search this Thread:

Advanced Search

All times are GMT -6. The time now is 11:05 AM.

Archive - Top    

Commit Business Solutions Ltd.
Forum Software Powered by vBulletin® Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.