Page tree

Contents

Manage Operators and Security Groups (5:09) (info)

Learn how to manage your operators and their permissions for Administration and the Kiosk.

Download | Script

The Security interface allows operators (with the appropriate authority) to modify existing or create their own custom security groups by manipulating lists of permissions. In turn, these Security Groups (assigned to individuals in Manage ⇒ People ⇒ Personal Info) determine what actions operators and/or people are permitted to perform.

When a new person is added to KeepnTrack, their default Security Group is Person. However, you may need to change their Security Group to one that grants more appropriate permissions.

If you haven't yet established an Administrator for your facility, the very first operator that you should create is the Facility Administrator or an Administrator with the equivalent Security Level access. Do not forget to create a Username (i.e. Login ID) and Password for this operator since it required to Log In and use the system-including create, edit, examine, or delete other people and/or operators.

The Security management window contains information about the security groups in your account or facility; you can create, view, modify, and remove security groups using the commands in the Actions menu.

Security Groups

The left pane of the window contains the default and custom Security Groups that can be assigned to operators and persons in People > Access. Select a group from this list to edit its permissions on the right.


Default Security Levels

KeepnTrack comes with several default Security Groups; from Account Administrator to Visitor. At the outset, Account Administrator is the least restrictive and allows unlimited access to KeepnTrack preferences, settings, and kiosks. Visitor is the most restrictive security group, only allowing users to sign in from a Kiosk.

These are the default security groups available in KeepnTrack. Aside from the Account Administrator, each of these default security groups can be edited, deleted, or renamed.

Account Administrator

Security Level 0

Full access to every KeepnTrack control and setting, including the ability to examine and change registered operators. Operators at this level can edit account-level preferences and have access to all facility-level preferences. The Account Administrator security group can not be modified or removed. When this group is selected, the right side of the Security interface displays the following message: “The Account Administrator Security Group is created by the program and provides full access to all program areas. It can not be modified or deleted.”

Facility Administrator

Security Level 1

This security group has full access to every control and setting at the facility level, including the ability to examine and change registered operators at their security level and below. Operators with this security group can only edit preferences for their assigned facilities.

Administrator

Security Level 2

This security group allows full Administration and Kiosk access, except the ability to change Security or Preferences settings.

Operator

Security Level 3

This security group has access to the Attended and Self-Service Kiosks, only.

Person

Security Level 4

This is the default security group for a newly created person and/or operator. This level can only access Edit History under their Person Status (if allowed).

Visitor

Security Level 5

This security group is applied to newly enrolled (i.e. permanent) visitors created during the Visitor Sign In process. However, permanent visitors aren't assigned a Username (i.e. Login ID) or Password; even if they were, this restrictive security group wouldn't allow them to do anything.


Actions

Operators with the appropriate permissions can add, duplicate, edit, or remove any of KeepnTrack's security groups—except Account Administrator, which can not be edited, removed, or renamed. Go to the Actions menu to view these options. 

  • New Security Group
  • Remove Security Group
  • Duplicate Security Group
  • Rename Security Group

You can also click at the bottom of the Security Groups list to add a new group.

Once you've successfully created/duplicated a new security group, it will appear in the Security Groups list.


Security

On the right side of the window, security privileges are organized into groups of similar permissions. Use the checkboxes and dropdown menus to enable or disable specific security privileges for the selected security group. When a particular permission is enabled, operators assigned that Security Group will be able to perform all the functions related to that permission.

When you have finished editing all of your security permissions, click Save to keep your changes or Revert to discard them.

Security Level

This setting dictates which Security Groups a user can modify. An operator with a specific Security Level can modify any security group (or person record) of a lower Security Level. For example, if you’re logged in as an operator with a Security Level of 3, you can modify any person and Security Group with a Security Level of 4 or 5.

Options

  • Person Management
  • Attended Kiosk Access
  • Self-Service Kiosk Access
  • Express Access
  • Account Preferences
  • Facility Preferences
  • History
  • Activities
  • Volunteer Applications
  • Workstation Management
  • Facility Management
  • Volunteer Verification
  • Security
  • Reports
    • Account Reports
  • Utilities
  • Exports
  • Imports
  • Operations
  • Person Status
    • Edit History

Access from Person and Application Management

Enable or disable these functions:

  • Criminal Background Checks
  • Sex Offender Checks

Allow Access to the following Classifications

These settings allow you to limit an operator's access to a specific Classification or set of Classifications. For example, records whose Classifications setting in Personal Info is set to Visitor will not be accessible to an operator whose Limit Access to the Following Classifications setting in Security does not have Visitor checked. If none the Classifications are checked, then no Admin access is allowed.

  • Volunteers
  • Students
  • Staff
  • Vendors