Background

Why did we take this approach?

Access and login problems have been causing lots of workflow issues, especially since our workforce is constantly changing. Also our team needs acces to our information systems from multiple locations. Accordingly, any Help file would have to be widely accessible. And yet, some parts must be kept secure. 

We have two-factor and three-factor authentication for several areas of this resource: 

• Password plus location
  • some resources can only be accessed from certain sites and networks or machines
• Password plus card
  • some resources need information that is only available on a printed card so you have to be on-site
• Password plus machine plus dongle
  • Our Sunrays and Netcare access need additional physical identity cards or RSA dongles
• Credentials stored in safe
  • Some systems need info that is kept in the safe as an additional layer

Ever wondered why banks simply rely on a simple 4 digit PIN for your cash card? That is because they also closely track exactly what you do once you are logged into the machine and if you go outside normal behaviours, your transaction is locked. All activity is closely monitored and reported. 

We have taken a similar approach with this site. Everything you do on here is logged. Anomalous activity will be flagged and reported.