Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!
Looking for Ideas in Time clock program software
Hi Experts,
I have a program that keeps information on time clock for employees daily schedule.
Each employee enters their name/initials and clicks a button that automatically saves the date/time user came and left.
Now our manager is concerned about fraudulent entries, meaning some employees will ask their friends to open the system and click for them..
Any idea how I can build in a security logic into the system to prevent this?
P.S. I know there are ready packages in the market with face/fingers recognition etc.. just wonder if we can make up something w/o the need to switch to third party software.
I have a program that keeps information on time clock for employees daily schedule.
Each employee enters their name/initials and clicks a button that automatically saves the date/time user came and left.
Now our manager is concerned about fraudulent entries, meaning some employees will ask their friends to open the system and click for them..
Any idea how I can build in a security logic into the system to prevent this?
P.S. I know there are ready packages in the market with face/fingers recognition etc.. just wonder if we can make up something w/o the need to switch to third party software.
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
The only logic that will be bullet proof is biometrics.
I just looked online saw various fingerprint readers ranging low as $100 and going up to $400.
Is your program home grown or purchased?
How do the employees record the entry?
Are you looking to slipstream this hardware into the the current program
I just looked online saw various fingerprint readers ranging low as $100 and going up to $400.
Is your program home grown or purchased?
How do the employees record the entry?
Are you looking to slipstream this hardware into the the current program
The issue here is SECURITY.
Access is NOT a very secure platform.
If your db is ever compromised, ...the attackers have the employee fingerprints *FOREVER*.
My suggestion is to leave things like this to the experts.
Get an off the shelf package that relies heavily on high level encryption, for this highly sensitive and "unchangeable" information.
Next to DNA, this is one of the most sensitive pieces of information you can collect on a person.
Unlike a password, ...you cant change your fingerprint/DNA, ...etc.
So again, ...once a hacker has this info, ...they have your (employee) identity information FOREVER...
Access is NOT a very secure platform.
If your db is ever compromised, ...the attackers have the employee fingerprints *FOREVER*.
My suggestion is to leave things like this to the experts.
Get an off the shelf package that relies heavily on high level encryption, for this highly sensitive and "unchangeable" information.
Next to DNA, this is one of the most sensitive pieces of information you can collect on a person.
Unlike a password, ...you cant change your fingerprint/DNA, ...etc.
So again, ...once a hacker has this info, ...they have your (employee) identity information FOREVER...
@yo,_bee
I'm actually not looking to be 100% (for the time being), just want to make it difficult to use someone else's credentials..
However after viewing Jeff's wise comments above, I better stick out of this..
@Jeff,
Thanks for opening my eyes on the real security breaches..
Thanks,
Ben
The only logic that will be bullet proof
I'm actually not looking to be 100% (for the time being), just want to make it difficult to use someone else's credentials..
Are you looking to slipstream this hardware into the the current programPerhaps I was thinking into such an approach..
However after viewing Jeff's wise comments above, I better stick out of this..
@Jeff,
Thanks for opening my eyes on the real security breaches..
Thanks,
Ben
How about a security camera above the time clock system. Warn the staff that if they are caught defrauding the system they will be sacked. Even a dummy camera may be enough of a deterrent.
@akb,
We have already plenty of cameras in place, in addition to LanSchool software. apparently none of these is doing the job..
@All,
I thought of something, perhaps checking the IP of the computer from where they did clock in, and compare to the list of IP we have for that user in our list..
However that will not prevent users from going to someone else's pc and doing it from there.
Any suggestion to solve this?
Thanks,
Ben
We have already plenty of cameras in place, in addition to LanSchool software. apparently none of these is doing the job..
@All,
I thought of something, perhaps checking the IP of the computer from where they did clock in, and compare to the list of IP we have for that user in our list..
However that will not prevent users from going to someone else's pc and doing it from there.
Any suggestion to solve this?
Thanks,
Ben
Checking the IP address would be a lot of work.
Especially when the IP/domain might change.
Besides, ...there should be only specific "dedicated" computers that will allow logins
Especially when the IP/domain might change.
Besides, ...there should be only specific "dedicated" computers that will allow logins
If each employee has their own machine, you could record the MAC address of this and set a filter that you have to log out before you can login using the same MAC address.
If one is logged in, he/she can't log another one in before logging out - and so on.
Of course, using two machines from outside, say a workstation and a laptop, you could fool the system.
/gustav
If one is logged in, he/she can't log another one in before logging out - and so on.
Of course, using two machines from outside, say a workstation and a laptop, you could fool the system.
/gustav
Like I said to be bullet proof you need to implement something that you are unable to reproduce with only the user being present.
BioMeteric is the way. There are systems out there that do not cost much to implement.
BioMeteric is the way. There are systems out there that do not cost much to implement.
@Jeff,
Are you referring it will put too much of stress on the pc?
@Gustav,
Yep, your suggestion sounds good & gets us closer to secure the system..
@yo_bee,
I hear what you're saying, however I also saw Jeff's concerns about encapsulating the fingerprints in our DB, I doubt our manager will approve it.
Also as mentioned, we are not looking currently to switch system, rather considering options to enhance our system
@All,
I'm still open for suggestions (including covering up wholes left by prev suggestions), feel welcome to pitch in..
Thanks,
Ben
Checking the IP address would be a lot of work.We have the functions below that check for IP and Mac address.
Public Function getIPAddress() As String
Dim s As String, i As Integer, strComputer As String
strComputer = "."
Set objWMIService = GetObject( _
"winmgmts:\\" & strComputer & "\root\cimv2")
Set IPConfigSet = objWMIService.ExecQuery("Select IPAddress from Win32_NetworkAdapterConfiguration ")
For Each IPConfig In IPConfigSet
If Not IsNull(IPConfig.IPAddress) Then
For i = LBound(IPConfig.IPAddress) _
To UBound(IPConfig.IPAddress)
s = s & " " & IPConfig.IPAddress(i)
Next
End If
Next
getIPAddress = s
End Function
Public Function getMACAddress(Optional ByVal strComputer As String = ".") As Variant
Dim objWMIService As Object
Dim colItems As Object
Dim objItem As Object
Dim vResults As Variant
Dim i As Long
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery _
("Select * From Win32_NetworkAdapterConfiguration Where IPEnabled = True")
vResults = Empty
If Not colItems Is Nothing Then
If colItems.Count > 0 Then
ReDim vResults(colItems.Count - 1)
i = 0
For Each objItem In colItems
vResults(i) = objItem.MACAddress
i = i + 1
Next objItem
End If
End If
getMACAddress = vResults
End Function
Public Function GetMACAddressSingle()
Dim vMacs As Variant
Dim vMACAddr As Variant
vMacs = getMACAddress
If Not IsEmpty(vMacs) Then
For Each vMACAddr In vMacs
GetMACAddressSingle = vMACAddr
Exit Function
Next vMACAddr
End If
End Function
Are you referring it will put too much of stress on the pc?
Especially when the IP/domain might changeRight, I guess Mac will be a better idea like Gustav suggested.
there should be only specific "dedicated" computers that will allow loginsWhy? Will that in some way help us in this case preventing fraud?
@Gustav,
Yep, your suggestion sounds good & gets us closer to secure the system..
@yo_bee,
I hear what you're saying, however I also saw Jeff's concerns about encapsulating the fingerprints in our DB, I doubt our manager will approve it.
Also as mentioned, we are not looking currently to switch system, rather considering options to enhance our system
@All,
I'm still open for suggestions (including covering up wholes left by prev suggestions), feel welcome to pitch in..
Thanks,
Ben
I do not think the FP is stored in the Access DB I am pretty sure that is stored on the device.
Using that as the Key to unlock and send your record to the DB.
I would recommend that you speak to a sales engineer to validate this.
Since you are looking to switch systems this is a perfect time to look at the software that comes along with these readers.
Using that as the Key to unlock and send your record to the DB.
I would recommend that you speak to a sales engineer to validate this.
Since you are looking to switch systems this is a perfect time to look at the software that comes along with these readers.
@yo_bee,
We discussed with the manager, and looks like if start going in that direction he would go all the way, meaning purchase a software that keeps all clocking too..
So for the time being, I guess Gustav's suggestion is the way I would prefer to use,
@All,
However, re Gustav's suggestion above I'm concerned of the following.
Users may realize that the clock ins only work from their pc, and then they will easily beat the system, just ask the friend to go over to their pc and do login..
Any suggestions to cover this?
Thanks,
Ben
We discussed with the manager, and looks like if start going in that direction he would go all the way, meaning purchase a software that keeps all clocking too..
So for the time being, I guess Gustav's suggestion is the way I would prefer to use,
@All,
However, re Gustav's suggestion above I'm concerned of the following.
Users may realize that the clock ins only work from their pc, and then they will easily beat the system, just ask the friend to go over to their pc and do login..
Any suggestions to cover this?
Thanks,
Ben
> just ask the friend to go over to their pc and do login ...
He can't - not until the original user has logged out.
/gustav
He can't - not until the original user has logged out.
/gustav
Premium Content
You need an Expert Office subscription to comment.Start Free Trial