Project BG3: Security

Security has been built-in to the BG3 application from the ground up.

Users

Each member of staff can be given their own individual username and password to access the application. Issuing usernames and passwords to individuals makes staff more precious about their user credentials and also allows for finer access control.

Users are placed in to roles, or groups, to which permissions are assigned. Group users allows permissions to be set once and more easily managed as staff leave or change roles within the organisation.

Should the user leave their workstation unattended for a configurable amount of time, they will be automatically logged out to help prevent unauthorised access.

Auditing

The BG3 application supports audit logging of events. This is a non-editable history of events such as creating or deleting an account that can be made available to the system administrator.

The log records information such as the action taken, which user account was used, the site the action was taken at and the date & time the action was initiated. While this doesn't prevent staff from wiping records, it does provide a method of tracing back what happened, when and by whom.