|
Q: Does ExpressAdmission system require a guard to make it effective?
|
A: No. While it does not have to replace a guard, it can. The system will work
with secure door systems and garage entrances, too.
|
|
Q: How can the entry/exit reports be integrated into an HR (Human Resource)
system for employee record-keeping?
|
|
A: ExpressAdmission offers customization services. The software may
be easily integrated with existing HR database. Employees interacting
with the system are logged in and time-in/time-out records are created and
stored in the database. At any time, HR reports may be created,m reviewed, and
exported for future processing.
|
|
Q: What other tasks may the employees perform using the system?
|
|
A: Employees may perform visitors pre-announcement. An optional web-enabled
interface can be made available on the employer server. Using the web
interface, employees may do the following:
-
per-announce a visitor
-
enter vacation time and review manager approval
HR employees can do the following:
-
enter paid national holidays
-
enter each employee pay rate, and work shifts
-
create employees records including employees snapshots
-
assign employees access permission level
|
|
Q: Does the company provide a leasing option for the equipment?
|
A: Yes—you may lease or buy the system. Just contact us
.
|
|
Q: Do I need a scanner at each entrance if our building has multiple doors?
|
|
A: You can decide if you want to direct your guests via signs to one main
entrance, so it is easy for people to scan-out when they leave. However, it is
suggested that you have a unit at each entrance for more convenience.
|
|
Q: If I have an employee-only entrance, will the computer at that location need
to have a different database than the public entrance?
|
|
A: No, the HR function can run concurrently from the same server and database.
|
|
Q: How is the information secured, especially in a medical setting to ensure
HIPAA compliance?
|
|
A: Sensitive data is encrypted before it is stored in the database in the
encrypted form. The system uses NIST certified AES 128 bit. Other data may be
encrypted or stored unencrypted depending on the setup performed by the “system
administrator”.
|
|
Q: How can I see a demo?
|
A: We are happy to discuss a demo. Call:
301-258-9599
or
888-389-6822
|
| Q: Where do I buy supplies for the
badge printers?
|
A: From us at the above phone numbers.
|
|
Q: Does the computer printer, which prints the reports, require a printer at
the point-of-entry, or does that network with a building manager’s main office
printer (even if off premises?)
|
A: This can be accomplished either way and additionally through the internet or
intranet as desired by user.
|
|
Q: Is there a quantity discount for purchasing multiple systems?
|
A: Yes! Just ask us.
|
| ExpressAdmission
Enterprise Version |
| NETWORKING QUESTIONS
|
|
Q: What Database server does the system use?
|
|
A: Enterprise version uses MS SQL database server as the backend engine.
|
|
Q: DATA INTEGRITY - What methods of data reconciliation does
your software provide?
|
|
A: Reconciliation is done through:
-
Record counts per day Report
-
Visitors/badges Correlation Report
|
|
Q: DATA CONFIDENTIALITY - Is the Client to server
communication encrypted? If so, what encryption methods are supported (SSL,
IPSEC,etc)?
|
A: Use of the SSL protocol is implemented through installing a certificate on
the database server, configuring SQL server for SSL to create an encrypted
channel. The client computer must also have a root certificate authority
certificate from the same authority. Both client and server must be configured
to force protocol encryption.
|
|
Q: DATA CONFIDENTIALITY - What, if any, data is stored or
cached on the client system? How is this data protected from unauthorized
access by users of the system?
|
A: The data stored on the client system consist of printers identification,
station identification data. This information is stored in a local mdb file and
encrypted only if necessary, since this data is not critical.
|
|
Q: DATA CONFIDENTIALITY - How is sensitive data (i.e. SSNs,
Driver’s license numbers) stored in the database? Is it encrypted?
|
A: Sensitive data is encrypted before it is stored in the database in the
encrypted form. The system uses NIST certified AES 128-bit encryption. Other
data may be encrypted or stored unencrypted depending on the setup performed by
the system administrator.
|
|
Q: USER ACCOUNTS – Does the system support NT authentication?
|
A: The system supports authentication against Microsoft Windows 2000/2003
Active Directory and Novell Edirectory via LDAP. In addition, authentication
information can be stored in the SQL database.
|
|
Q: USER ACCOUNTS – Does the built-in authentication use a
hashing algorithm to store user passwords? If so, which algorithm?
|
|
A: Stored Password confidentiality and data integrity is achieved through a
hashing algorithm using any of the following algorithms:
-
Rijndael
-
RC2
-
DES
-
TripleDES
|
|
Q: USER ACCOUNTS– Do users have the ability to change their own
passwords?
|
A: Yes at the system database level. Active Directory password changes is
only supported if required.
|
|
Q: USER ACCOUNTS – Does the system support Password
Expiration?
|
|
A: Password expiration is supported for all SQL stored password.
|
|
Q: USER ACCOUNTS – Does the system enforce minimum
password complexity requirements?
|
A: Yes. Password complexity is specified by the system administrator.
|
|
Q: USER ACCOUNTS – Does the system enforce minimum password
length?
|
A: Yes. Password length policy is set by the system administrator.
|
|
Q: USER ACCOUNTS – Does the system user account
lockout/temporary disable based upon failed login attempts?
|
A: Yes. Number of logon attempts is set by the system administrator.
|
|
Q: Does the system rely on any plaintext protocols (telnet, FTP,etc.) or known
insecure protocols (SSH v1)?
|
A: No.
|
|
Q: Is there an editable warning banner available at client logon?
|
A: Yes. Warning banner can be set and updated by the system administrator.
|
|
Q: Audit Trails - Do the system audit logs include
login/logout activity?
|
A: Yes. Every time a logon/logout occurs, the system logs that action.
|
|
Q: Audit Trails - What level of details do the system audit
logs provide regarding user activity?
|
A: Each task performed by the user is logged and a report may be created for
that purpose.
|
|
Q: Audit Trails - Are the audit logs accessible by
administrative users only?
|
A: Logs are accessible to the administrator and other permission levels as set
by the administrator.
|
|
Q: Audit Trails - What account activity reports are available?
|
A: Many activity reports are available. Visits reports, login/logout reports
and many more. If there is any particular report needed, it will be created
during the software customization, or right after the order is placed and
before delivery.
|
|
Q: Can you provide any “best practices” style SOP documentation for using and
administering the system?
|
A: Yes.
|
|
Q: Does your Annual Maintenance Agreement include telephone technical support?
If so what are the support hours?
|
A: Technical support is included and available 24/7.
|
|
Q: Does your Annual Maintenance Agreement include version upgrades and patches
(without additional costs)?
|
|
A: Maintenance agreement includes upgrades and patches without additional costs.
|