Access control ensures data safety because it is possible to exclude unauthorized actions with data via blocking data access. To get information access the user should be authorized via login and password. High level of safety is provided by passwords storing on server. There is no direct access to password base thus unauthorized access to passwords is impossible.
To realize the second component of security, BAZIS-Stock module functional capabilities allow to delimit user access to information. It is achieved by user groups creation that can operate with different data types. All the users are allocated among the groups and they get permissions according to particular group belonging. This process is realized dynamically. At any moment data system administrator can change access permissions of selected group, move the user from one group to another, create a group with new access permissions or delete unnecessary group. The last capability is realized if all the users are deleted from the group.
The third component of security policy is event logging - for the purpose of data leakage prevention and data protection, BAZIS-Stock module uses event logging. Any operation with data is chased and automatically fixed in a log. Created event log can be viewed by administrator as a report in clear and convenient form.
