Security & Access Control

What You’ll Learn

In this module, you’ll explore how BigLedger keeps your data secure. You’ll see user management, role-based permissions, session controls, and complete audit trails of all activities.

ℹ️ Time Required: 15 minutes | Skill Level: Beginner-friendly | UTM Requirements: 9.15

Before You Begin: Key Terms Explained

Term | What It Means
User | Someone who logs into the system
Role | A set of permissions (e.g., “Finance Officer” can do X, Y, Z)
Permission | The ability to do something (view, create, edit, delete, approve)
Session Timeout | Automatic logout after a period of inactivity
Audit Trail | A log of who did what and when
Maker-Checker | One person creates, another approves

Why This Module Matters

Security is critical because:

  • Data protection - Only authorized people access sensitive information
  • Accountability - Know who did what and when
  • Compliance - Meet government security requirements
  • Fraud prevention - Separation of duties and approvals

ℹ️ For UTM: This addresses requirement 9.15 covering user ID expiry, automatic logout, last access display, and role-based access control.

Test Scenario 1: User Management

Objective: See how users are managed

Time: 3 minutes

Step-by-Step Instructions

  1. Navigate to: Admin → User Management → Users

  2. View the list of users

  3. Click on any user to see their profile

What You’ll See

Tab | Information
Profile | Name, email, department, status
Roles | Assigned roles and permissions
Security | Password policy, expiry date
History | Login history, last access

Try This

  • Look at the different roles assigned
  • See when the user last logged in
  • Check if there’s an expiry date set

ℹ️ UTM Requirement (9.15a): The system must allow setting expiry dates for user IDs.

Test Scenario 2: Role-Based Permissions

Objective: Understand how permissions work

Time: 3 minutes

Step-by-Step Instructions

  1. Navigate to: Admin → User Management → Roles

  2. View the list of roles (e.g., Finance Officer, Finance Manager)

  3. Click on any role to see its permissions

What You’ll See

Permission Area | Available Actions
Menu Access | Which modules the role can see
Data Access | Which departments/PTJs visible
Function Access | View, Create, Edit, Delete, Approve
Amount Limits | Approval thresholds

Example: Finance Officer vs Finance Manager

Action | Finance Officer | Finance Manager
Create Invoice | Yes | Yes
Approve Invoice | No | Yes
View Reports | Limited | Full
Manage Users | No | No

ℹ️ BigLedger Advantage: Permissions are granular - you can control access at the menu, function, and data level.
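
The role matrix above, combined with the maker-checker rule and amount limits, as an added Python example (not BigLedger's own code): a deny-by-default check over function, data and amount level. The action names, approval limit, department names and user names are assumed values.

```python
from dataclasses import dataclass

# Function access per role, taken from the Finance Officer / Finance Manager
# table. The approval limit is an assumed value, not a BigLedger default.
ROLES = {
    "Finance Officer": {"functions": {"create_invoice"}, "approval_limit": 0},
    "Finance Manager": {"functions": {"create_invoice", "approve_invoice"},
                        "approval_limit": 50_000},
}

@dataclass(frozen=True)
class User:
    name: str
    role: str
    departments: frozenset  # data-level scope (departments/PTJs)

@dataclass(frozen=True)
class Invoice:
    created_by: str
    department: str
    amount: float

def authorize(user, action, invoice):
    """Return (allowed, reason). Deny by default: every check must pass."""
    role = ROLES.get(user.role)
    if role is None:
        return False, "unknown role"
    if action not in role["functions"]:
        return False, "function not granted to role"
    if invoice.department not in user.departments:
        return False, "department outside data scope"
    if action == "approve_invoice":
        # Maker-checker: the person who created the document cannot approve it.
        if invoice.created_by == user.name:
            return False, "maker-checker: creator cannot approve"
        if invoice.amount > role["approval_limit"]:
            return False, "amount exceeds approval limit"
    return True, "allowed"

if __name__ == "__main__":
    # Constructed sample: a manager trying to approve their own invoice.
    manager = User("farid", "Finance Manager", frozenset({"Bursary"}))
    own = Invoice("farid", "Bursary", 1_200)
    print(authorize(manager, "approve_invoice", own))
```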

Test Scenario 3: Session Timeout (Auto-Logout)

Objective: Verify automatic logout for inactive users

Time: 3 minutes

Step-by-Step Instructions

  1. Navigate to: Admin → System Settings → Security

  2. View the session timeout settings

  3. Observe:

    Setting | Purpose
    Timeout Period | How long before logout (e.g., 30 minutes)
    Warning Time | When to show warning (e.g., 5 minutes before)
    Action | What happens (logout, save draft)

What Happens When You’re Inactive

  1. Warning message appears 5 minutes before timeout
  2. Option to extend session
  3. If no response, automatic logout
  4. Redirected to login page
  5. Event logged in audit trail

ℹ️ UTM Requirement (9.15b): The system must automatically log out inactive users.
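
The inactivity sequence above, as an added Python example (not BigLedger's own code): the idle deadline is tracked on the server side, so an "extend session" request that arrives after the deadline is refused and the logout is written to the audit trail once. The class, field names and audit record layout are assumptions; the 30-minute and 5-minute values are the example settings from the table.

```python
TIMEOUT_S = 30 * 60  # timeout period (example setting: 30 minutes)
WARNING_S = 5 * 60   # warning shown this long before the timeout

class Session:
    def __init__(self, user, now, audit):
        self.user = user
        self.last_activity = now  # seconds, from a clock the caller supplies
        self.audit = audit        # list standing in for the audit trail
        self.active = True

    def state(self, now):
        """Return 'active', 'warning' or 'expired' for the given clock value."""
        if not self.active:
            return "expired"
        idle = now - self.last_activity
        if idle >= TIMEOUT_S:
            self._logout(now)
            return "expired"
        return "warning" if idle >= TIMEOUT_S - WARNING_S else "active"

    def extend(self, now):
        """User chose to extend; refused once the deadline has passed."""
        if self.state(now) == "expired":
            return False
        self.last_activity = now
        return True

    def _logout(self, now):
        # Runs once per session: state() returns early after deactivation.
        self.active = False
        self.audit.append({"ts": now, "user": self.user,
                           "action": "AUTO_LOGOUT", "reason": "idle timeout"})

if __name__ == "__main__":
    trail = []
    s = Session("aminah", 0, trail)      # constructed sample user
    print(s.state(26 * 60))              # inside the warning window
    print(s.extend(26 * 60))             # extension accepted
    print(s.state(56 * 60), trail)       # 30 minutes idle: logged out
```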

Test Scenario 4: Last Access Information

Objective: See when and where a user last logged in

Time: 2 minutes

Step-by-Step Instructions

  1. Login to the system

  2. Look at the dashboard or user profile

  3. Find the last access information

What You’ll See

Information | Purpose
Last Login Date | When you previously logged in
Last Login Time | What time
IP Address | Where from (for suspicious activity)
Failed Attempts | Any recent failed logins

ℹ️ UTM Requirement (9.15c): The system must display last access information during login.

Test Scenario 5: Audit Trail

Objective: See the complete activity log

Time: 5 minutes

Step-by-Step Instructions

  1. Navigate to: Admin → Audit Trail

  2. Search for activities:

    Filter | Example
    Date Range | Last 7 days
    User | Specific user or all
    Module | Finance, Sales, etc.
    Action | Create, Edit, Delete, Approve

  3. View the results

What You’ll See

Column | Information
Timestamp | Exact date and time
User | Who performed the action
Action | What they did
Module | Where they did it
Details | Before/after values, document reference
IP Address | Where they were

Try This

  • Search for all “Delete” actions
  • Filter by a specific user
  • Look at “before and after” values for edits
  • Export the audit trail

ℹ️ BigLedger Advantage: Every action is logged - there’s no way to hide what happened. Perfect for auditors.

Test Scenario 6: Password Policy

Objective: See password security settings

Time: 2 minutes

Step-by-Step Instructions

  1. Navigate to: Admin → System Settings → Password Policy

  2. View the settings

What You’ll See

Policy | Setting
Minimum Length | 8+ characters
Complexity | Requires uppercase, lowercase, number, special
Expiry | Password must change every X days
History | Can’t reuse last X passwords
Lockout | Account locks after X failed attempts

Why This Matters

Strong password policies prevent unauthorized access and meet security compliance requirements.


Your Progress Checklist

Mark off what you’ve completed:

Scenario | Status
1. Explored user management
2. Reviewed role-based permissions
3. Checked session timeout settings
4. Viewed last access information
5. Searched audit trail
6. Reviewed password policy

Key Takeaways

After completing this module, you’ve seen that BigLedger:

UTM Requirement | How BigLedger Meets It
9.15a User ID Expiry | Set expiration dates for user accounts
9.15b Auto Logout | Configurable session timeout
9.15c Last Access | Display login history
RBAC | Granular role-based access control
Audit Trail | Complete activity logging
Password Policy | Strong password enforcement

Additional Security Features

BigLedger also provides:

Feature | Description
Encryption | AES-256 for data at rest, TLS 1.3 in transit
Two-Factor Auth | Optional 2FA for sensitive operations
IP Restrictions | Limit access by IP address
SSO Integration | Connect to MyUTM portal
Security Reports | Login activity, failed attempts, etc.

Quick Reference: Navigation

What You Want to Do | Where to Find It
Manage users | Admin → User Management → Users
Manage roles | Admin → User Management → Roles
View audit trail | Admin → Audit Trail
Security settings | Admin → System Settings → Security
Password policy | Admin → System Settings → Password Policy

What’s Next?

You’ve completed the Security & Access Control evaluation. Choose your next module:


Questions?

If anything wasn’t clear or you’d like a live demonstration: