Security settings and passwords

As mentioned elsewhere, one of our purposes in ServiceDesk is to enhance the security of your operations by making it impossible, for example, for funds to disappear without you knowing it, or for paid sales to be credited without corresponding funds being collected, and so on.  If an unscrupulous operator were granted unrestricted access to your files, obviously, these purposes could be defeated.  Thus, at various places and for particular kinds of operation, we require use of a password—a key to the lock, if you will, that should be possessed only by those you trust for the particular operations involved.

Besides security against intended skullduggery, another reason we occasionally require a password is to keep those who may not know precisely what they are doing (but who nevertheless intend well) out of sensitive operations.  You may, for example, want to do something in terms of entering sales, payments, or whatever, that's out of the norm, to correct for a previous improper entry, or similar purpose.  You know what you're doing, so it's fine to proceed, but if someone without a real understanding attempts the operation, it may produce an unforeseen result.  Thus, we require a password to keep those who are well-intentioned, but perhaps not perfectly knowledgeable, from messing things up—which means that, in considering who to entrust with a password, you must account not only for whether you've got absolute confidence in their integrity, but in their competence in dealing with sensitive operations as well.

For passwords to be effective, obviously, their secrecy must be carefully controlled.  It’s also important that you can specify which locks any particular password is allowed to open, and which not.  All these needs are addressed in the Security Settings form.

To access this form, you can hit the quick-key combo Shift-F11, or (if you prefer mouse action) click on ‘File Functions’ in the Main Menu, select 'About ServiceDesk', then click on the 'Internal Security' button.  If this is the first time you’ve accessed this form, you’ll need to set your Master Password.  Think of the Master Password as being like a master key.  It can unlock anything.  As such, it’s probably a password that should be known only to the owner, and perhaps to a most trusted, top-tier manager.

With Master Password out of the way, you can choose which particular areas of ServiceDesk you’d like to have password protected.  To show this display, click on the 'Actions' radio button (Alt-A).  The resulting list shows all the areas of ServiceDesk that have password protection available.  To enforce password protection on any item, double-click to toggle “Password required?” to TRUE.  Double-click again to toggle it back to false.

Just as a large building may have a master key that opens all doors (with lesser keys that open only particular doors), the Security Settings form allows you to create lesser passwords, that can open only the particular doors you indicate.  To enter this function, choose the 'Users' radio button (Alt-U).  Here you may create (and manage) as many lesser passwords as you wish.  Each must be listed on its own line in the first column.  The idea is that it’s like creating a key that can open particular doors, and you’ll give that key to the person who you want to have access to those doors.  Make as many keys as you need here—and, certainly, keep track of to whom you are giving them.  That is, in fact, what the second column in this display is for: to help you keep track.  Generally, that second column does not have any other function (i.e., it’s meaningless to ServiceDesk).

After creating any permission key, highlight it and select the 'Permissions' radio button (Alt-P) to select which items in ServiceDesk this key accesses.  You can double-click on items here (much as in the ‘Actions’ display) to toggle whether the password will (or will not) provide access to the indicated action.  If a password is compromised you can change the password in the first column without resetting the permissions you granted (Alt-P).  Also, you may return (as often as wanted) to modify the permissions that are granted to any particular password (i.e., the “doors” which that password can unlock).

There is one exception to the fact that, generally, the second column in the Users page is only to help you keep track of who has which key.  If you have techs logging into TechWindow mode and want make it impossible for another tech to log-in under a particular tech’s ID, create a password for the tech and in the second type his entire name (exactly as entered in the settings form).  Now, only that password (or the Master one) will work for a tech mode log-in under that tech’s ID.

In the Security Settings form you can also reset your master password (it’s good to do this periodically to enhance security).  Select the 'Set Master Password' button at the bottom of the screen.  You’ll be prompted for your current password before you can enter a new one.  You will then re-enter your password for accuracy.  ServiceDesk will keep a log of when your master password was changed.

One note: if you feel absolutely no need for the security of a password, you can set (or leave, if you’ve never otherwise set) the password as nothing (i.e., do not type in anything for your new password, and just hit enter to save the nothing typed).  Then, in actual operations, whenever ServiceDesk asks for a password, you can simply hit Enter (easier than actually typing something in), to enter your password of nothing.