Posts Tagged ‘security’

Question – I have a supervisor who I want to manage schedules, but not review or approve timecards, how can I setup a new security group to do this?

Friday, November 9th, 2012

Turn ON scheduling:

Turn OFF Timecard & Payroll

And make sure Review, Update and Approve Timecard is OFF

 

What methods of punch in do you support?

Monday, February 13th, 2012

We currently support 5 different punch in methods. These are:

  1. Employee Code & Password - This is the simplest and easiest method to setup. The employee code usually relates to their payroll number and a secure password.
    Works on Windows or Mac
    Up Front Cost: $0
    Ongoing Annual Cost: $0
    Pro: Simple, no hardware required.
    Con: Employees could swap credentials and buddy punch.
  2. Yubikey - This technology uses an external USB device that slides into a PCs USB port and the button is touched to create a unique one time value for the employee. When an employee leaves, you can re-use the key with a different employee (transferable).
    Works on Windows or Mac
    Up Front Cost: $15-25 per employee
    Ongoing Annual Cost: $0
    Pro: Simple, reliable, secure, no two keys are the same, fast as there is no typing involved.
    Con: Employees could swap their keys between employees, but they would have to physically have the device at each action, so not practical and not likely to happen. Require a USB port to be accessible.
  3. Barcode/Swipe Card – This technology uses an external barcode reader or swipe card reader to read a barcode or magnetic card. Creating barcodes is BUILT IN (and free) to TimeWellScheduled, so you simply need to print them and attach to an employee card.
    Works on Windows or Mac
    Up Front Cost: $125-$200 per punch in location
    Ongoing Annual Cost: $0
    Pro: Simple, reliable, fast as there is no typing involved.
    Con: Employees could swap their barcodes between employees, but they would have to physically have the device at each action, so not practical. Does require a device per punch in location. Most barcode readers require a USB port.
  4. Biometrics - This technology uses an external device to scan a fingerprint and compare to the one on file. Requires a USB port to be accessible, and a small java program to be installed.
    Works on Windows only.
    Up Front Cost: $100-$150 per punch in location
    Ongoing Annual Cost: $0
    Pro: Simple, reliable, secure, fast as there is no typing involved.
    Con: Restricted to a Windows machine running java. Does require a device per punch in location and each employee must be scanned the first time during roll out.
  5. Photograph – This technology uses the iPad or iPhone to take a picture when the employee is performing an action and is recorded against the timecard (note, it is NOT analyzed to be the right employee). An employee code and password are still required.
    Works on iPad/iPhone only.
    Up Front Cost: Cost of iPad/iPhone per punch in location
    Ongoing Annual Cost: $0
    Pro: Simple, allows you see who is clocking in.
    Con: Restricted to an iPad or iPhone.

SecurityNow!

Tuesday, April 12th, 2011

This (YouTube) video link is to a prominent and well-respected podcast on the topic of security, as its name suggests: SecurityNow!

Recently there was a widely publicized RSA security breach and their formal Open Letter describing very little here:

http://www.rsa.com/node.aspx?id=3872

Steve Gibson assesses the above communication piece as well as other news and has an excellent summary on his blog here:

http://steve.grc.com/2011/03/19/reverse-engineering-rsas-statement/

Nerds On Site standardized to the Yubikey (www.yubico.com) as a two-factor authentication device, and we’re obviously pleased to share that Yubico does not suffer from the same single point of weakness as RSA did.

No need to take our word for it, but check out the Yubikey and consider it for your two-factor authentication for punch-in and punch-out processes in environments where appropriate.