| |
|
|
Hot Topics
e-KSF Security Improvements
We’re often asked about the security of e-KSF. “Is a web-based system a truly safe way of storing data?” The short answer is: “Yes, but systems are only as secure as their weakest link”. We do all we can in the e-KSF team to make sure that e-KSF uses industry-standard security to prevent unauthorised access to data. The way we usually describe this is “e-KSF is as secure as your online bank account, or the credit card transaction you use in a shop). However – you’ve guessed it – it’s the login names and passwords that individual users have, which are the biggest risk to security. An easy-to-guess password, or one written down on a post-it note by your computer, is asking for trouble!
There are some practical things you can do:
1) When you next log in to e-KSF, the system will check that your username and password are 8 characters long or more. If not, you’ll be prompted to change them. This is a one-off task to improve security of your account. It’s particularly important that your administrator passwords are secure, and also that if an administrator leaves your organisation, that you lock or delete their account (checking first that you won’t lose any data by doing this – our support team can help you here)
2) Remind all e-KSF users in your organisation to change their passwords, too. e-KSF prompts people to change their password when they first log in – but the time between user data being uploaded, and this first log in, is when the greatest risk to unauthorised access occurs. This isn’t as scary as it sounds – if someone hasn’t logged in yet, their account will basically be empty of personal development data!
3) If you upload lists of users “in bulk” to e-KSF, try to ensure that everyone’s password is different. It may be tempting to use the same password for all users, but we’ve found that this does cause problems, particularly if people don’t change their password away from this default very quickly. We recommend that you upload lists of users as close as possible to training sessions on e-KSF, and if there is a gap between upload and people using the system, email people asking them to just log in and change their details, reassuring them they they’ll find out much more about the system soon! This can also be a good opportunity to communicate with your employees about your organisation’s plans for e-KSF.
Remember that e-KSF, used well, is safe and secure – and certainly much more secure that personnel files in office filing cabinets! A few minutes spent on this now, will ensure that that all your staff can safely use the system to help them develop their knowledge, skills, and careers, supported by the KSF. |
|
|
|
