Security at Login Level
Essay by Gershon Darko • July 21, 2017 • Research Paper • 2,364 Words (10 Pages) • 1,714 Views
[pic 1]
Table of Contents
SECURITY AT LOGIN LEVEL 1
To login to T24, an employee needs to input a sign on name and password. 1
PROFILE CREATION AND AMENDMENT 2
How to create user profile/record in the USER application. 2
PASSWORD RESET 7
Password Complexity 8
HOW TO START JBOSS WEBSERVER 9
TAKING BACKUP FROM T24LIVE 11
COB (CLOSE OF BUSINESS) 12
DEVELOP ENQUIRIES AND REPORTS 14
SECURITY AT LOGIN LEVEL
To login to T24, an employee needs to input a sign on name and password.
T24 validates the data entered and if correct, the employee can access T24. If not, an error message Please check your Login Credential or ‘SECURITY VIOLATION’ is displayed.
If T24 has to validate this data entered, it must be stored somewhere in the first place. These login details are stored in an application called USER. So, if you want to login to T24, you need a user profile, in other words a record created for you in the USER application.
[pic 2]
Fig: 0.1
Once a user is successfully logged in to T24, SMS checks do not end there. Anything
that a user tries to do is tracked and can proceed only if the user has necessary permissions. Before the bank allows all users to log on to T24 and start using it, it must decide what a user has access to within this system.
Every record in T24 must be authorised. When a user tries to authorise a record, T24 must check to see if the user has the authorisation permission for the application. A user will not be allowed to authorise the record with insufficient permissions.
Once the record is authorised, it moves to the authorised file.
Inputter is the person who inputs data into the fields in a record. The user must have access to the Input function.
Authoriser is the person who checks the record and authorises it. The user must have access to the Authorise function.
The error message “EB.RTN.SAME.NAME.AUTHORISER/INPUTTER” will be displayed if the same user tries to input and also authorise the record.
[pic 3]
Fig.0.2
PROFILE CREATION AND AMENDMENT
How to create user profile/record in the USER application.
A profile in T24 is the credential that allows an authorized staff access to t24 banking application
For a new T24 profile,
The user should fill the user access form and endorsed by the head or supervisor and sent to t24support@nib-ghana.com
NB: Anybody in the team can pick it up and work on it and its authorized by a supervisor
- Create a new user ID with the appropriate naming convention
- Pick an existing user in t24 with similar profile as requested.
- Copy to clipboard, edit the content and commit the transaction
- Prompt the supervisor to authorize the transaction
For an existing T24 profile, a mail should be send to t24support@nib-ghana.com
[pic 4][pic 5]
[pic 6]
Fig.1.0.
User Name - This is the full name of the user.
Sign ON Name - The ID to sign into the system. Should be unique. It is recommended to use the user’s FirstName.SecondName eg. DOREEN.QUARMSON
Classification - If the User is internal, Staff or External, Internet Bank Client.
Language - The language the system will communicate to the User.
Company Code - Specifies the company codes (bank branches) that the User can access.
Department Code – the department the user belongs to.
Password Validity: Specifies how often and on what date the User must change his Password. Next Change Date entered, must be greater than today's date (machine date) and not more than 6 months from today. Date until which the password is valid followed by the frequency of change.
Start time and End time – the times the user is permitted to access the system. These associated field may be multi valued to provide for times during the day when the user may perhaps not be permitted to access the system, for example, during lunch breaks.
Attempts – the number of ‘tries’ with the password before the user is locked out (SECURITY VIOLATION error requiring a PASSWORD.RESET action).
Initial Application -- is where the menu ID for the user will be captured, as defined in HELPTEXT.MAINMENU, may be linked. The menu ID is prefixed by a ‘?’
Customer ID and Account are completed for users of Internet Banking (External User)
Fields Company Restriction to Data To are grouped and is a Multi-value group. Extend this group if more than one Application, Company, Version or Enquiry selection is required for this User to access.
Company Restriction - What Company or Branch can be accessed. (only applicable to MB and MC implementations)
Application – This is used to determine what Application(s) the User can access. The command “ALL.PG” allows full access within the system.
Version –This will restrict the User to a specific Version of an Application. Remember to place a comma (,) before the version name.
Function - List of valid functions that the user can use in the company. Type ALL to give access to all the functions. When the record is committed, it will display the values A 2 B C D E F H I L P R S V automatically. The Q function does not appear by default. Q stands for Audit Review.
...
...