eJobfile Security
The eJobfile project management Web site has been built with
several layers of security that allow the site to function
in a confidential environment. All customers preparing to
use eJobfile must remember that certain security risks exist
that cannot be handled from a design standpoint. These risks
are the users themselves. When an Administrator issues a
password to view project data, we strongly recommend that
the Administrator stress the importance of keeping this
password secure. eJobfile suggests that each individual who
needs access to project information be set up with their own
password, thus avoiding the possibility of users sharing
passwords.
For our clients who run
projects that contain highly sensitive data, an added level
of security can be obtained by giving the project a code
name and no other specific identification. In addition,
long-term projects should have regular password changes.
eJobfile is a Web-based,
database-driven application that utilizes the latest
technologies to provide a safe, secure environment.
Information within the system is stored in a database that
is not directly accessible through the Internet.
1. Login Security
To enter eJobfile and gain access to any information
contained within the system, you must log on with a unique
user name and password. If a user tries to open a particular
page within the system without first logging on, they are
automatically taken to the login page and refused access to
the system until they have successfully logged on. When a
user logs onto the system, their login information is
validated against the system database and they are presented
with only the options that their security level allows.
- Administrators have complete access to all of their
projects, project reports and user information.
Administrators do not have access to any other client's
information.
- Non-administrative users have access only to the projects
and reports that their administrator has given them access
to. Non-administrative users do not have access to
administrative functions or other user's information, unless
given such access by their administrator.
2. Data Security
All information contained within eJobfile is stored within a
secure, non-browsable database. When users view information
within the system, each page is dynamically generated on the
fly to include the database-stored information they have
requested. Because of this method of real-time page
creation, no client, project, report or user information is
stored in Web pages. Users are able to use their browser's
back button because the pages are temporarily cached within
their own browser.
3. Data Encryption
At this time, eJobfile does not utilize any type of data or
transmission encryption. eJobfile is not intended to store
highly secretive or financial transaction information such
as credit card numbers. If you need to utilize eJobfile for
this type of data, Webfoot.Net can accommodate your needs
via a customized, encrypted system. Please contact
Webfoot.Net for further details on data and transmission
encryption.
4. Data Loss Prevention
While eJobfile's database is backed up to tape on a nightly
basis, Webfoot.Net will not be held responsible for the
unlikely possibility of data loss. For this reason, we
highly recommend that project reports be composed within a
word processor like Microsoft Office or Corel WordPerfect,
saved on your local computer system, and then pasted into
eJobfile's report entry screen. This gives you a local copy
of this information in the unlikely chance that a
catastrophic event might cause data loss within the eJobfile
database.
|
the
anytime, anywhere, online project tracking system.