AyMINE – Technical documentation
User Modules
Task, project & quality management
Manager approval with the task report
Why some data can't be deleted
Region / project / methodology
Change management process in a project
Qualification of user or contact
Right to Manage Qualifications
Methodology and Quality Management systems
What a methodology / QMS consists of
Customer Service Response Generation
Objects affected by the problem
Return project plan by baseline
Sample tasks and methodologies of the area
Effect of the task on the right to modify the attached object
The person responsible for the task
Working procedure – task definition
Objects related to the task pattern
Contacts and directories module (CRM)
Web management and automation
Receiving a message from the web
Human resources
Human Resources module security
Manage department / division data
Synchronizing staff and system users
Products, assets and sales
Received order for goods or services
Technical Modules
Sabre plugin module
Enterprise Architect connector
Database link to Enterprise Architect database
System Modules
The AyMINE Framework Module
Configure how your system looks and works
Gestures and keyboard shortcuts
More about how the system works
Private notes and tags for objects
Filtering in the list of records
System Management
Additional functions with files
Copying and moving files between objects
Files (documents) linked to the object
Formatted texts in the application
Gateway settings for external messages
IMP gateway settings for email communication
Secure login to the sytem
Secure login must verify that the person accessing the system is actually the one who has
- Don't overestimate the quality of your password or the protection you have against getting it.
- Read more: Password is not enough for security
- The basis of security is multi-factor login
- Two-factor login options
- You don't have to do two-factor login all the time
Don't overestimate the quality of your password or the protection you have against getting it.
A password is not enough for a secure login. If your password is simple, it can be quickly discovered by brute force, i.e. by trying different options. Remember that computers are many thousands of times faster than you are. In the time it takes you to try a password, the robot will try dozens of them.
The system resists the robots, so it's not that simple, but in principle the model works and cannot be effectively resisted.
Read more: Password is not enough for security
Even a long password is not enough
Even if you have a password of, say, 20 nonsensical characters, you have to expect to enter it somewhere where an attacker will discover it. Just use a laptop somewhere under a camera controlling the area and the password can be read from your fingers by the camera operator. There are many other ways to get the password in a public space or on someone else's computer.
Practical example: student stole teachers' access to the school system
A playful and somewhat mischievous student in a school classroom plugged the keyboard of the class computer through a box that records everything that is pressed on the keyboard. The installation takes a few seconds, and because the computer wiring is tidy, there was no danger of anyone noticing the inconspicuous box.
Teachers rotate in the classroom, so several teachers log on to the computer in one day. It is even possible to tell from the timetables what order they log in, so there is no problem matching the recorded passwords to people.
The easily accessible box thus quickly gained access to the entire school network. Anyone can do the same, and even company laptops, which most people plug into a docking station with an external keyboard at work, are not immune. And while a student will use the cheapest device that they have to take away from the computer as well, professionals will use a sophisticated device that transmits data straight away wirelessly. So you never have to detect an attacker
Example from practice: Login credentials stolen by pizza supplier
Pizza delivery drivers are usually temporary workers who often spin their way into their jobs. Therefore, it is not a problem to be employed for a month and deliver pizzas in the vicinity of a particular company.
Especially in smaller companies, it is not uncommon for the delivery person to get to the office or wait somewhere for a while. The desktop computer at the reception is also a risk.
Back to the delivery driver: He took advantage of the moment and installed a tracking device with remote transmission. In offices where several people work, the inconspicuous items left on the cabinet went unnoticed and the device was able to get the data of one employee who was in the frame.
So the delivery companies don't stone us: Don't be afraid of the delivery men, the postman and the delivery men. But never assume they are reliable and vetted people and treat them accordingly. They shouldn't be unattended anywhere that something can happen. Delivery companies certainly won't vouch for them.
The basis of security is multi-factor login
Multi-factor login probably needs no introduction, everyone knows it from e-banking. What is its main advantage? The basic idea is that obtaining or revealing some information that moves through the public domain is not enough to gain access. Thus, entering data that can be revealed by a camera, keypad reader, or similar access may not be enough to gain access.
It is therefore fundamental to security that the login requires information other than that which you know and enter. Either a device that you have or access to another system to confirm your identity.
Two-factor login options
The system allows for two variants of two-factor login: via email or a more secure and convenient form of mobile phone biometric authentication.
Email verification
The basic method of second verification is a code sent to your email. After entering the correct name and password, you will be given a code to enter and only then will the system let you in.
The email authentication method is effective against brute force access detection, but may not be sufficient in a situation where someone is eavesdropping on your passwords, for example. In fact, it is very likely that they will also gain access to your email.
Mobile authentication
If you install a mobile app (Android only for now), you can authenticate access using your mobile phone.
Once you have entered your access, you will be asked to confirm the access in the mobile phone app, which will open a login request. We recommend using fingerprint authentication, which is convenient and gives the greatest assurance that it will never intercept the code you enter.
AyMINE does not collect biometric data
Even if your biometric data is used, the system does not collect and process this data. Identifying and verifying your identity is a matter for your mobile phone and the data never enters our system. It doesn't get from your phone, or even into our phone app.
You don't have to do two-factor login all the time
You probably use the system mostly from your laptop or personal device in general. We therefore recommend that you always use the same browser and set it to be a trusted device. The system will save it and you will be able to access from the same device and browser without authentication.
Install the app via Edge on Windows
We recommend installing AyMINE in windows – you'll have an even easier job.
Advantages of the installation:
- You have the option to put the application directly on your desktop or on startup.
- The application remembers your login and saves you time at startup
- You'll get notifications in your notification bar more easily because you can leave the app running in the background. You won't close it with your browser.
Not used to MS Edge? Never mind, the app behaves exactly the same in MS Edge as it does in other browsers. Plus, it won't get tangled among other pages in your browser and you won't have to search for it.