Collect! Credit and Collection Software™

  Detailed Field Information Page Table of Contents Related 'How To' Tutorials

Operator Security

The Operator Security section of the Operator form controls access levels and other security settings pertaining to this operator.


Operator Security tab

Useful Note Several of these settings may be used to easily and effectively restrict access to your accounts using methods described in Help topic, How to Restrict Access to Accounts.

These and other available settings are explained below.

ID

This is the short identification code assigned to the Operator or Sales Team. This ID is used to set every parameter in Collect! that relates to the operator. The ID that you choose for each Operator must be UNIQUE.

If you are using Sales Team functions then you should assign distinct ID codes to Distribution Teams. It is suggested that you use codes that clearly designate Sales Team IDs as different from your individual Operator IDs.

Useful Note You cannot use "System" or "Admin" for your ID. These are reserved words.

Top of page.

Group ID

This is a user-defined field where you can select an ID from the Operator pick list. This enables you to group Operators for your own purposes. This is a loosely organized group with no automatic functionality. You can use it to track performance, calculate commissions or set other options. To use this field in a report, you can use WHERE (@os.gi = {myID}) to find all members of the group. Please refer to Help topic, Operator Group for details about creating a more formal group of operators with added functionality.

Top of page.

Auth

Collect! allows you to associate your Windows account with your Collect! account. When you sign in for the first time, with a valid password, you will receive a prompt asking if you want to Automatically sign in with Windows Authentication.


Sign on with Windows Authentication

If you select YES, your Window ID will be written to this field. When you sign into any computer on your network and open Collect!, it will automatically sign you in.

If you select NO, the value '=IDPASS' is written to this field. Each time you sign into Collect!, you will be prompted to enter an ID and password.

Useful Note If you have an operator who needs access to multiple operator accounts in Collect! such as an IT person or someone who works in multiple departments, you can put the Windows ID in the AUTH field of multiple operators. When that Windows user signs in, they will be given a list of operator IDs to select from.


Sign on with Windows Authentication for Multiple Operators

Top of page.

Password

This is the password used when the Operator signs on to the system. Passwords can be the same among a group of users. This field is ignored for Sales Team definitions.

The Password may be up to 21 characters and/or numbers. Passwords are case-sensitive.

When creating a new operator, you will need to click OK to commit the operator to the database first, then go back in to set the password.

Click the CHANGE PASSWORD button to either set or change an operator's password.

Useful Note You cannot use a password of ******** ( 8 asterisks).

If an error occurs when you create a Password, you will be sent back to the Change Password form to correct the error. You can still leave the Operator without correcting the error by pressing ESC on your keyboard.

Top of page.

User Level

This is the level of the User. This can range from a Junior Collector with very limited access rights, to a System Manager who has complete control over Collect! Press F2 when you are in this field, or select the down arrow next to the field. Either way, the list of User levels is displayed for you to make a choice. You can create your own User levels with their own set of rights. This field is ignored for Sales Team definitions.

Useful Note It is recommended that you use the predefined User Levels provided by Collect! and modify them if needed. You should have a good idea of the rights of each Level before you assign a Level to your Operators.

Useful Note You should only use User Level 99 for administrative purposes. Assigning a User Level 99 may result in losing functionality that relies on Collect!'s access rights system.

Useful Note The value in this field may be used in contact plans to trigger events based on the Debtor Operator's User Level.

Top of page.

Enable MFA

When this switch is ON, MFA will be enabled for the Operator and the user will be expected to type in an MFA code after signing in with the normal user name and password.

Top of page.

MFA Verified

This switch is turned on the first time they sign in with a valid MFA code. If the switch is turned off a new secret will be generated when they sign in and they will be presented with a new bitmap to scan. If the switch is on, their existing secret will be used to verify the MFA code they enter.

Top of page.

MFA Email

If this switch is on, an email will be sent to the Operator with their one-time password. This requires a valid email on the Operator record and is meant as an alternative to the QR Code. This requires Collect! to be setup for email and the Operator record to have a valid email address. Please see the Help topic How To Setup Sending Email In Collect! for more information.

Top of page.

Security

When this switch is ON, Collect! will allow this operator to access accounts which you have restricted, either through the Debtor Detail form or through the other security settings available in Operator Security. You can customize this further using the 'Strict' switch below this check box.

Please see How to Restrict Access to Accounts for instructions on using this feature.

Useful Note The security options also work for client operators like sales people. When enabled, you can restrict access to clients to operators by filling in the Client Operator, Assign Accounts to Operator, or Assign Sales to Operator fields. If you have Sales Teams, you can specify a team on the Client Operator field.

Useful Note You cannot switch OFF 'Security' if you have switched ON 'Strict' as 'Strict' can only be applied to accounts when 'Security' is switched ON. If you want to switch OFF 'Security', remove the check mark from 'Strict' and then you can remove the check mark from 'Security'.

Top of page.

Strict

This switch controls whether or not restricted accounts appear to the operator. When this switch is ON, this operator cannot see any accounts which they do not have access to. The accounts are completely invisible to the operator, even when browsing or printing a report.

When this is switched OFF, this operator will be allowed limited, read-only access to these restricted accounts.

Useful Note When you switch ON 'Strict', the 'Security' check box above it will be marked automatically as 'Strict' can only be applied to accounts when 'Security' is switched ON.

Please see How to Restrict Access to Accounts for instructions on using this feature.

Top of page.

Locked Out By Default

When you have 'Security' switched ON, you can switch this ON to lock out this operator from all accounts in your database. This is a comprehensive way to apply account access control without having to set each account.

Useful Note Only accounts that have this Operator ID in the Debtor Operator or Sales field will be able visible to the operator. If you want to grant access to other individual accounts to this operator, put the operator's ID in the Debtor Detail Clerk or Access field or put in a Team ID that this operator belongs to.

This setting can be further enhanced with the use of the 'Strict' setting. Please see How to Restrict Access to Accounts for instructions on using this feature.

This setting is ignored if the Operator Type is CLIENT.

Top of page.

Client #

Use this field to restrict this Operator to only view accounts for this particular Client. Only the accounts for this Client # will be accessible to the Operator.

Useful Note This is tied into a hierarchical client ownership system. If the Client # you enter here owns other clients, they will also be visible to this particular operator through the Browse Debtors and Find By menus. All other accounts will not be visible.

This setting is ignored if the Operator Type is CLIENT. In that case, you MUST enter the Client # in the field beneath the field labeled 'Actual' in the top part of the Operator form.

Top of page.

Apply To Client Accounts

Switch ON this setting if you want to enable this Operator to view Client accounts while restricting access to only the Client # you have set, or any Clients owned by the Client # you have set.

Useful Note This is useful for your Sales Operators. It enables them to view and edit the Client accounts you want them to see. When you combine this with Client Hierarchy, you can set up a very nice working environment while ensuring proper restrictions.

You can also setup operator teams for security. For example, if you have an account that should be accessible by a team instead of just a single operator, you can assign the operator to a team and assign the debtor to the team instead of the operator. Alternatively, you can put the team ID on the debtor's Access field located on the Debtor Detail form.

Please refer to the Help topic How to Setup a Security Team for more information.

Top of page.

Enable Verification

Switch this ON to prompt operators to confirm important information before they exit a form. This is a very useful feature for confirming data or simply to make sure the operator has important information that you need.

There are a few steps necessary to set up this procedure. Please refer to Help topic, How to Prompt To Verify Field On Exiting A Form for details. This will explain how to proceed with verification on the field of your choice.

Top of page.

Allow Browser Signon

Switch this ON to allow this operator to access Collect! over the Internet using Collect!'s Web Host.

Useful Note This switch works with the Web Data Entry feature. It has no effect on the use of Collect! in ordinary network setups.

Please refer to Web Host for more information.

Top of page.

Password Never Expires

If you set a number of days globally in the 'Renew password every' field in the Password Settings form (accessible through the System menu, Rights option, at the top of Collect!) then operators will be prompted to renew their passwords. Switch ON 'Password never expires' with a check mark to avoid the system prompting the user to renew the password.

Top of page.

Must Change Password Next Logon

Switch this ON with a check mark to force the user to change their password the next time they sign into Collect!.

Top of page.

Account Is Disabled

When you switch this ON with a check mark, the operator will not be allowed to sign into Collect! A message will be displayed informing the operator of this with a suggestion to contact the system administrator.

Top of page.

Account Is Locked Out

You can enable this switch with a check mark to lock a user out of your system. They will not be able to sign in at all. To re-enable the account so that the user can sign in, clear the check mark from this field.

If you set a number of tries in the 'Lock out after' field in the Password Settings form, this will set a limit to the number of signon attempts Collect! will allow a user. When a user has entered too many incorrect passwords, this switch will become enabled and they will not be able to sign in at all. To re-enable the account so that the user may sign in, clear the check mark from this field.

Top of page.

Show Passwords

Switch this ON to unhide Operator Passwords. The effect is immediate. Once you have switched ON Show Passwords, you can navigate through the list of Operators and all the Passwords will be visible.

The "Show passwords" switch is visible only if you are signed in at User Level 99. It works only for User Level 99, for security reasons. No other level can unhide or view Operator Passwords.

Top of page.

Allow Local File Copies

Switch this ON to automatically store printed files locally. Operators with the switch ON will be able to print documents to a local My Collect! Documents folder inside the My Documents folder of the currently logged on Windows user.

Useful Note You are making local copies of files on operators' machines. Debtor or client data may be stored in these documents. If you are a high security company and cannot store data off the server, don't use this switch.

Because the files are local, this preserves your single socket connection to the server. Operators with this switch ON will be able to print documents even through the Client executable.

This switch has no effect on HTML files, because these files may have external dependencies.

Top of page.

Log Viewed Accounts

Switch this ON to log account activity to the Application Log. Every account that this operator views will be written to the log with a date/time stamp.

Collect! considers as "Viewed" opening the Debtor form and any part. Creating or modifying Contacts and Attachments are recorded as "Viewed" as well.

Please refer to Help topic, Collect! Log Viewer for more information about the Application Log.

Top of page.

Create Contact

This box works in conjunction with Log Viewed Accounts above. Switch this ON to create a Review contact on the Debtor that the account was viewed. In addition to the date and time the account was opened, it will also store the Elapsed Time that the Operator was on the account. The Contact Type will be "Operator Viewed."

Top of page.

Log Modified Accounts

Switch this ON to log account activity to the Application Log. Every account that this operator modifies will be written to the log with a date/time stamp.

Collect! considers as "modified" any change to the actual Debtor form, the creation or modification of Notes, Cosigners, Transactions, Debtor Detail and the Misc tab. Also, any changes to the Credit Report Details tab.

Useful Note Creating or modifying Contacts and Attachments from the Debtor are not considered as modifying the Debtor. However, this logged as "Viewed" because the Debtor form is open.

Please refer to Help topic, Collect! Log Viewer for more information about the Application Log.

Top of page.

Enable Secure Socket Layer

Switch this on to enable SSL automatically when a Web Host operator logs into Collect!. This setting is used with the following two settings to determine how the SSL will be used.

Top of page.

Stunnel Socket Wrapper

When this setting is chosen, Collect! automatically starts the Web Host with the /W1s argument. This must be used with a third party SSL utility.

Top of page.

Internal Collect! SSL

When this setting is chosen, Collect! automatically starts the Web Host with the /W1ss argument. This uses the internal SSL functionality of Collect!. No external utilities are needed. Collect! will use Port 443 for HTTPS by default, or you can set a different port using the /y argument.

Top of page.

Web Host XML Data Pump

This setting allows a user to pipe data directly into Collect! using XML. The Operator Type must be Web Host to use this feature. Collect! automatically starts Web Host with the /W3 argument. Use with Trusted Hosts to add a layer of security. Please refer to Help topic, Web Host XML Data Pump for more information.

Top of page.

Deny Multiple Signon

Switch this ON with a check mark to restrict this Operator to signing into only one instance of Collect! at any given time.

When this switch is ON and the Operator attempts to sign on more than once, this will generate an error message. The event will be written to the Application Log and Collect! will shut down.

Useful Note This evaluation takes place during the opening of a database when Collect! retrieves the Operator record.

Top of page.

Was this page helpful? Do you have any comments on this document? Can we make it better? If so how may we improve this page.

Please click this link to send us your comments: helpinfo@collect.org