Fulford Consulting Ltd.

APP Flare support & training.

0793 572 8612.

Flare help pages.

Closing APP Flare accounts.

Contents

Overview

Deleting user accounts on computer systems is generally fraught. If an account is successfully deleted the name space becomes available for re-use. Re using account IDs which may be embedded in existing records will cause integrity problems in the existing data.

Unless you can be sure that no data anywhere on the system refers to the user account, it should not be deleted.

If you do delete a user account you need to ensure that present and future users of the system are aware of the potential problems if the account id is reused.

Disabling User Accounts

When a user leaves or is suspended from duty, or is on long term leave, the Flare user account does need to be disabled.

There are 4 data sets which need to be modified to achieve this in Flare. There is no generic tool with which to update all four data sets so it is important to follow through all three actions carefully.

  1. Disable login
  2. Mark User Code redundant.
  3. Mark Officer Code redundant.
  4. Close name and address record.

Disable logins.

First and foremost disable any future logins.

This is achieved through CFU.

Find the user record and enter a date in the Account Dates' 'End' field. If you have been notified of someone's future leaving date, you can enter that date here. You cannot enter a date prior to the current date.

Once the date in the 'Account Dates' 'End' field has been reached the user will not be able to log on to the system.

User Code

Mark the user code in the Codes dictionary as redundant.

This achieves nothing in its self. It does not prevent a user from logging on to the system. It does however preserve data consistency and allows records of accounts which have been closed to be filtered out of reports.

Under no circumstances should a user code which is still active in CFU be marked as redundant in the codes dictionary.

Officer codes

The user's associated officer code should also be marked as redundant. This does not prevent the user logging in but is does prevent the officer code being used in other areas of the system such as complaints or service requests.

Redundant officer codes can be used in reports.

Name and Address Record

Many (but not all) officer/user records have an associated Name & Address record.

These records also need to be closed. Use NAU to locate the record and and enter a "Closed" date. The date may be a future or past date unlike the CFU dates. Do try to ensure that the same date is used as in CFU.

Conformance with BS7799 & the Data Protection Act.

Conformity to BS7799 requires that redundant IDs are periodically checked and removed (9.2.1.i) and that there is a process which includes "ensuring that redundant user IDs are not issued to other users" (9.2.1.j).

The DPA requires that data that is no longer required should be deleted from the system. This may be achieved by deleting the Name & address record in accordance with a policy to be agreed with the Data Protection Manager.

C W Fulford
5th August 2004


The layout and associated style sheets for this page are taken from the World Wide Web Consortium and used here under the W3C software licence.