Back to Community Threads
1
Atrex cybersecurity compliance questions
Question asked by Stan Paulauskas - 10/24/2024 at 9:17 AM
Answered
I am working on cleaning up our business environments. We have a number of former employee accounts still active in Atrex. I have to bring Atrex into compliance with our cybersecurity initiatives. I have a couple of questions regarding this. 

  1. What happens if I disable the "ADMINISTRATOR" account?
  2. What's the recommended process for handling ex-employees? Can I safely delete their accounts?
  3. Is it possible to disable the Administrator account on Elevate DB? 
    1. If I can't disable that account, can I change the password?
  4. Is it possible to add additional user accounts to Elevate DB with finer grained permissions without disrupting Atrex performance?
  5. What exactly is "User Security"?
  6. Is the communication between the client and server encrypted?
  7. Do newer versions of atrex support MFA?

1 Reply

Reply to Thread
0
Terry Swiers Replied
10/24/2024 at 12:29 PM
Employee Post Marked As Answer
  1. Atrex itself doesn't require a administrator user, so you CAN disable, delete, or rename it.  BUT you will need to have at least one user configured in Atrex that is either a manager or has the authority to configure/customize Atrex.  Otherwise you could end up with no one being able to access some areas of the package.
  2. Delete or disable them.  The only difference to Atrex is that disabling them helps keep the salesperson selection list smaller.
  3. You can rename the default server "administrator" account in ElevateDB, or just change the password.  If you delete all of the administrator accounts at the server engine, you will be locked out of the database server configuration utility and be unable to modify the server settings.
  4. Not without causing potential issues on the Atrex side.
  5. The Atrex "User Security" allows you to restrict access to functional areas of the package and it allows the audit trail entries to be tagged with the user who used the functions that created the audit trail entries.
  6. By default no, but you can flip the switch on the connection settings to enable standard encryption on all of the communications.  You can configure a VPN to encrypt the communications beyond the internal encryption.
  7. At this point, Atrex does not support MFA.
Back to Community Threads

Reply to Thread