Home > WebEOC > Admin Guide > Installation > Manage Security Settings

Manage Security Settings

The security settings specify the user credentials and database connection the WebEOC code runs under. These settings were initially configured during the WebEOC installation procedure.

Security options also provide the ability to import or export the WebEOC security key file and specify or restrict the types of files that can be uploaded to WebEOC.

Set the Windows User Account

The Windows® User Account should be a local or domain service account whose password never expires. The account should be added to the local admin group on the machine hosting WebEOC. If the database settings are set to use Windows NT authentication, then this account is also used to connect to SQL Server® and must have DBO rights for the WebEOC database.

To change the Windows User Account
  1. From the WebEOC Configuration window, go to the Security tab.

  2. For User Name, enter the domain in the form of domain\username. For example, .\administrator for a local account.

    Tip: If the database settings are set to use Windows NT authentication, then this account is also used to connect to SQL Server.

    securitytab.png

  3. Click Save.

Import and Export the Security Key

WebEOC uses Rijndael (AES) encryption to protect sensitive data and requires a security key to access data. Since the database connection string is encrypted and stored in the registry on the WebEOC server, there may be times in which the security key file needs to be imported or exported.

Additionally, dual commit server passwords are also encrypted and stored in the database using the same encryption key. Configuration Tool security provides the capability to import and export this key as necessary for the following situations.

Web Server Synchronization

More than one Web server can be used with WebEOC, and there are two synchronization options.

  • Dual Commit Servers – Dual commit server passwords are encrypted and stored in the database. Encryption key synchronization among Web servers is necessary so all Web servers can decrypt these passwords when necessary.

  • Backup Servers – Backup servers can be configured to provide backup/failover solutions by replicating the WebEOC database to a second server.

Web Server Substitution

If a WebEOC database is used with a new Web server, the old key must be exported from the old Web server and imported to the new Web server.

To synchronize encryption keys
  1. From the WebEOC Configuration window, go to the Security tab.

    securitytab.png

  2. In the Shared Keys section, click Export Key File.

  3. Save the exported file to a storage medium.

    exportfile.png

  4. On each additional (secondary) Web server, copy the exported file from the storage medium to a folder on the secondary Web server.

  5. Click Import Key File.

  6. Browse to locate the saved exported key file and click Open.

  7. Click Save.

Restrict File Uploads

You can define file uploads to WebEOC by either allowing or restricting certain file types.

To set the rule for uploading file types to WebEOC
  1. From the WebEOC Configuration window, go to the Security tab.

    securitytab.png

  2. In the File Uploads section, select the Restrict file uploads based on file type check box.

  3. Select one of the following options:

    • Limit file uploads to restrict these file types (separate with commas) – Enter the file types you want to restrict in the text box. This option restricts these file types from being uploaded to WebEOC.

    • Limit file uploads to allow ONLY these file types – Enter the file types to be allowed in the text box. This option is more restrictive and only allows these file types to be uploaded to WebEOC.

  4. Click Save.

You must to post a comment.
Last modified

Tags

Classifications

This page has no classifications.