AyMINE – Technical documentation
Interfaces to other systems
Enterprise Architect Connector
CalDav, WebDav using Sabre
Business excelenece
Balance Scroecards
Task & Project Control
- Helpdesk ticket - reply to customer
- Test
- Qualification of user or contact
- Project role
- What makes up the methodology / QMS
- dragdrop
- Location
- My areas
- Kanban Task Overview
- Personal Task
- Internal helpdesk
- Customer Care Centre
- Project baseline
- Return project plan by baseline
- Project Schedule
- Processing time sheets
- Records managed by a project
- Activation buttons
- Why some data can't be deleted
- Starting events
- Qualification of user or contact
- task_taskobjects
- Project
- Reminders and Messages
- eventobj_raisingevents
- decision_decobjects
- eventobj_startingevents
- eventobj_eventbuttons
- Type of tests
- Deal management
- FMEA - Detection
- FMEA - Features
- FMEA Methodology | AyMINE
- FMEA - Occurence analysis
- FMEA Severity analysis
- FMEA
- Management of responsibilities - RACI Matrix
- RACI Matrix for Project
- Improvements and Preventive Measures
- Notice – example of use
- tskproblem_terminology
- 8D report
- Task Scheduling
- Administration of the Task Management Module
- Adminitration of areas, projects, calendars
- Discussion
- GDPR and record of qualifications
- System rights for the task management module
- Project Planning
- Employee Tasks
- Incident and Quality Issue Management
- Collaborative Resolution of Multiple Problems
- List of business areas
- Required qualifications
- Plan template / strategy
- Decision
- Configuration Package
- Record template
- Change management process in a project
- Task list
- Requirements
- Team Member
- Right to Manage Qualifications
- Input requirements
- Obligation
- Competencies and Skills
- Problems, tickets and their management
- Meeting
- Package definition
- Phrases and terms
- Data Area
- Risk
- Task
- Business event
- Task, project & quality management
- Records and protocols
- Directives and Policies
- Events
- Risk Pattern
- Information
- Project definition
- Activity log
- eventinstances
- Personal calendar
- Objects of decision making
- Event activation buttons
- Objects affected by the problem
- Variant decision-making
- Recorded activities
- Self-Reminders
- QMS and Task Management
- Objects related to the task pattern
- Effect of the task on the right to modify the atta
- Level of Competence
- Manager approval with the task report
- Region / project / methodology
- Manage your marks
- tskdefusertask
- Quality Management System (QMS)
- tsktask_batasks
- Project Team
- Events and meetings
- Events and meetings
- List of event instances
- moduleclientoptions
- Processed objects
- Mark patterns
- Notification events
Interprocess management
Human Resources
- hrstcontract
- roles
- Human resources
- Digital Personnel Archive
- Personalistics – User Permissions and roles
- Registration of job seekers
- Manage department / division data
- Job Position
- Worker
- Worker overview
- An overview of your staff
- Responsible HR Manager
- Synchronizing staff and system users
- modulesafety
Asset Management
- Products, assets and sales
- Tendering and purchasing
- Analytical model
- Product Supplier
- Product Categories
- Product or Product Property
- Project Goal
- Business Offer
- Offers summaries
- Recalculate bid
- Offer and Price Access Rights
- Creating and processing orders
- System order status query
- Order Reports
- Pricing
- Pricing – volume discounts
- Products and Goods
- Product status and change
- Product Units
- Quality criteria
- Why are the Quality criteria usefull
- DFMEA - Product FMEA
- Hara | Hazarad & Risk Analysis
Customer Relationship - CRM
- Contacts and directories module (
- System Permissions and CRM Module Settings
- Customer Order Overview
- Address books
- Address book list and management
- Privacy policy
- Send bulk messages in compliance with GDPR
- Bulk email footer
- Unsubscribe and set preferences
for bulk mail - How to correctly forget a person's details
- Bulk Emails
- Contracts
- Partner in a contract
- Message patterns
- Groups of contacts
- Order overview for customer groups
- Directory or people and companies
- Contact per person or company
- Quickly available contacts
Finance management
System modules
System management
- moduleclientoptions
- digiSign
- formattedtexts
- System Configuration
- Processes in use
- Client
- Configure gateways for external messages
- Message with the outside world
- Email messages
- Secure business communication
- Send SMS directly from CRM
- Call directly from CRM
- Documents and files
- Additional functions with files
- Copying and moving files between objects
- Picture presentation
- Public link to the document
- Recent Files
- Dashboard
- Object location on the board
- Client items
- Revisions and comments
- Securing posts and internal discussions
- Translations
- Record Relationships
- Relation types
- sysrole
- User Processes
- System module
- System User
- User administration
- User Administration
- Secure login to the sytem
- Connecting users to VOIP PBX
- Secure Key Wallet
Framework
- frmobjectextension
- introhelp
- introhelp_mobile
- introhelp_aplikace
- versioninfo
- releases
- AyMINE modules and basic types
- cliplink
- introhelp_settings
- introhelp_deleting
- introhelp_dragdrop
- list_filtering
- AyMINE intro
- AyMINE access security
- AyMINE Modules
- Object locks
- System rights
- introhelp_keyshortcuts
- introhelp_shortcuts
- introhelp_icons
- list
- introhelp_generalinfo
- introhelp_objectdetail
- introhelp_objectlist
- introhelp_privateobjectnotes
- AyMINE User Rights Control
- introhelp_dashboard
Password retention policy
AyMINE pays great attention to password protection so that the system meets the requirements of the ISO 27002 cryptosecurity standards
- Global rules
- Rules for user passwords
- Rules for password communication
- Management Security Rules
- Standards adhered to
- You may be interested
General rules apply to all passwords
Global rules
Passwords:
- Never stored unencrypted.
- If it is not necessary to use it, algorithms are used that do not allow the password to be determined, only to verify
- If unencrypted passwords need to be used (typically to authenticate the system to other services, such as communication gateways), the passwords are stored securely outside the encrypted passwords so that it is not possible to obtain both by hacking one system.
- Passwords are never transmitted through unencrypted channels
- Internal encryption passwords are never global, but are always related to a specific user and purpose.
- AES-256 level mechanisms are used as a minimum for encryption.
- Passwords are stored in such a way that they cannot be retrieved or reconstructed from backups, source codes, or exports (e.g. by dump the database, by hacking the system)
- All operations in which the password is used are logged. The log is kept so that it can be detected if it is tampered with.
Rules for user passwords
User passwords do not need to be decrypted. Therefore, only control hash codes are kept that make it impossible to retrieve the password in any way. In addition, the system requires the use of a secure password.
Rules for secure password
- At least 8 characters from two groups:
- Uppercase letters
- Lowercase letters
- Digits
- Special characters
Rules for password communication
- The system never sends passwords. It only sends links to pages that allow the password to be changed.
- The system never allows password changes without a two-factor user check.
- The system always informs the user if his account is handled by the administrator. It is not possible to change the user's security settings and the user is not informed by the other way (by email). In particular, the administrator has the ability to set a new password for the user, but the user is always informed by email; the administrator has no ability to influence the sending of an information email.
Management Security Rules
The system management is designed in accordance with the requirements of ISO 27002.
Physical Security
- All physical infrastructure is located in data centre premises complying with the requirements of ISO 27002.
- Neither the data centre administrator nor anyone else with physical access rights to technical equipment has access codes that would allow access to stored passwords of clients.
- If the physical devices on which the system is operated, or which store system backups, are used by unauthorised persons, they cannot obtain stored passwords.
System Access Rules
- All assets on which passwords are managed are under the direct care of the system administrator
- All access to the infrastructure that processes passwords is managed – access is documented and records who and when accesses the infrastructure are recorded.
- The system creates an independent password usage log. The log is available to the client on request (from the use of passwords it is possible to track employee data, therefore the log is not freely available).
Code management
- Code that runs in the perimeter where data is managed is audited and must not leave the administrator's technical resources
- All code changes are audited
- The system is secured by technical means to identify code changes.
Manage the passwords themselves
- Passwords are never transmitted by any physical media
- The administrator never receives, transmits or processes client passwords – passwords are always entered by the clients themselves and are encrypted immediately after entering them. Therefore, the system administrators never see the clients' passwords, nor can they be in their electronic or other communications. All passwords are entered exclusively in an environment accessed by a worker who knows the passwords.
- Passwords cannot be displayed by the system to an unauthorised person.
- Password protection is implemented in a two-tier way – this means that obtaining a first-level password does not allow decrypting stored information, which is encrypted in a second-level password.
Unauthorised access protection
- System supports access audit and permissions
- If clients have any passwords on the system, the system requires a two-factor login from all users
- System logs both user access and unsuccessful access attempts. In case of repeated unauthorised access, the system blocks further attempts.
Standards adhered to
The system meets the requirements to be used by companies meeting the standards:
- TISAX
- ISO 20000
- ISO 27000, namely ISO 27002 (replaced the older ISO/IEC17799 standards years ago)
- GDPR
You may be interested
System permissions of AyMINE framework
System Permissions of Task Control Module
System Permissions of Order Management Module
System Permissions of Persoalistics Module