"Security" Inconsistency/Confusion

John Ronan
John Ronan
Tenth Anniversary Kudos 5 Name Dropper Participant
in Blackbaud Student Information System™

On my computer, I routinely run several ‘tabs’ of Blackbaud Education Management (BEM) and an instance of Raisers Edge/Nxt and Raisers Edge Database view.

Now, I get that BEM has security features built in to force a logoff after a certain amount of inactivity. This way, a bad actor can't just come by my computer [after a certain period of inactivity] and do something nasty while I'm away from my desk, e.g.

It seems at times that, even if I have been [very] active in one ‘tab’ of BEM, it will simply spontaneously log me off of that tab! Could it be because of inactivity in one of the other BEM tabs?

If so, I object (;-) . To me, this is ‘paranoid’ behavior that is nothing but disruptive.

Furthermore, and interestingly/paradoxically, if I have a Citrix page open in [another] tab, that page will stay up indefinitely, which means that same ‘bad actor’ even though he cannot access the BEM sessions, can just start up a database view session and have his way with it without any security checks.

This is inconsistent at best: it's too restrictive for BEM and too permissive for RE Database View.

My $.0002, but I would appreciate anyone else's experience.

Comments

  • Susan Ott
    Susan Ott
    Tenth Anniversary Kudos 3 Name Dropper Participant

    @john ronan This happens to me all the time and it is maddening. I was told by support that if you're not active in one of the products, it will log you out of all of them. Happens to me multiple times a day if I don't remember to go to the less active tab periodically.

Categories