Several Steps to Play it Safe on SOIN
1. Set Up a Change Password Routine
Many websites offering advice on website security suggest changing personal passwords every 90 days.
On Schools-On-I-Net Administrators can set the number of months desired in a change password routine. If set to 3 months, then 3 months from the date the parameter was set, the system will ask every user to change their password when he/she logs in.
2. Password Guidelines
Ask your users to set their password to something that is not obvious. Here are some suggested guidelines:
A. Choose a password that is hard to guess but easy for you to remember.
B. Make a phrase into an acronym. IE, My dog Spot has brown hair. The password would be “mdshbh.”
C. Substitute or add a number or symbol. If you substitue “s” for $ and add some numbers like 8954, The password becomes “md$hbh8954″
D. Do not use names, birthdates, social security number or sequences like abc or 123 or 222
3. Check Who has access to what…and check it regularly.
On a system based on access levels, it is a good idea to regularly take inventory of who has access to higher level accounts and who has access to sensitive links.
On Schools-On-I-Net, for example, keep a check on who can access system data: ie, the Class Setup and User Maintenance links
Also keep a check on who is listed as a SOIN Administrator, Divisional Administrator or Academic Administrator. You can use the Admin View link or the User Maintenance > User Setup to look up all users in a specific user type.
4. Users should check the last time they have logged in
Many systems today have a “Last logged in” date and time stamp.
This stamp lets you see the last time you logged in so that you can tell right away if there is a time listed that doesn’t seem right. Users should be reminded to change their passwords right away and tell their school’s SOIN administrator.
On Schools-On-I-Net, this stamp is located at the right of the user’s welcome page.
5. Using the Logout link and closing the browser.
It is important to do both on any website – Remind users to first click on the “Logout” link from AND to close the browser completely.
Remind users that this is good practice for all websites that require a login.
6. Enotifications for Excessive IP use and Staff Account creation.
On Schools-On-I-Net you can be notified every time a user account is logged in from more than 5 IP addresses in one day.
You can also be notified when a new staff account has been added.
You can find these notification parameters in the School Setup > School Parameters section under “Security.”
There is a lot of information on the web regarding website and system security. These are just a few recommendations we know you can do easily as a SOIN Administrator to help protect your Schools-On-I-Net system.
If you have any other suggestions for security, want to share how your school uses security policies or if you have any questions about the above suggestions, please reply to this email. We would love to hear from you!
Stay safe!
One Comment
Hey, I was looking around for a while searching for security schools and I happened upon this site and your post regarding y and Schools-On-I-Net School Management Software | Schools On I-Net, I will definitely this to my security schools bookmarks!