Xporter – Recommended MIS Security Settings

Introduction

This document details the MIS access settings relevant for Xporter to function, including SIMS group membership.

Alternatively please click here for a video showing the process to create a SIMS user.

 

What is Xporter?

What is Groupcall Xporter?

Groupcall Xporter is a mature and versatile extraction/translation tool that specialises in connection to school and college MIS systems. It extracts data to an agreed format for a customer and then delivers the data using an agreed method.

Groupcall Xporter extends typical extraction tools by providing:

  • A randomising scheduler
  • Remote web-based monitoring and management
  • Automatic updating
  • Support for multiple sets of extraction scripts in a single installation (i.e. multiple customers)
  • Delta generation and change tracking.

Groupcall Xporter is used by approximately 75% of Secondary and 45% of Primary schools in the United Kingdom.  Groupcall Xporter enables real time data extraction for Schools, Academy Groups, Local Authorities, Broadband Consortia and Third Party Organisations.

 

Recommended MIS Security Settings for Xporter

Because Groupcall Xporter is a versatile data extraction tool and provides data extracts for a very wide variety of systems the support requirements can be very complex and vary depending on what Xporter is being used for and where it is extracting data from.

In order to simplify the customer setup and support experience Groupcall makes a recommendation on security settings for MIS access that provides a good balance of versatility, security, simplicity and supportability. However, if your Local Authority or IT provider recommend different permission settings to those below then you should try those first.

The recommended MIS security settings for the two most common MIS systems are detailed below. If you are using an MIS system that isn't listed then please contact the Groupcall partner that provided you with Xporter for details of the recommended MIS security settings.

SIMS_Logo Serco - Facility CMIS
For Capita SIMS .net Groupcall recommends the following group memberships for the user accessing SIMS:

  • Personnel Officer
  • School Administrator
  • Senior Management Team
  • Third Party Reporting
  • Assessment Coordinator (NB this is a new group required from August 2015 onwards)

A video showing the creation of a SIMS user with Recommended MIS Security Settings can be found at http://www.groupcall.co.uk/download/firstline/videos/ under the relevant link.

For Facility CMIS Groupcall recommends use of

  • the stud_admin schema, via the STUD_ADMIN user.

 

Are the Recommended MIS Security Settings Safe?

The recommended MIS security settings for data extraction are designed to expose all information within an MIS for potential extraction by Xporter.

Xporter security covers three areas:

Credentials

Xporter encrypts the password used to access the MIS system such that it cannot be used by anything other than Xporter.

Data Selection

Xporter cannot arbitrarily access data, it only extracts what it has been scripted to obtain and that specification is provided to us by the partner you are installing Xporter for.

Data Agreement

Data agreements are a legal enforceable agreement (in the case of statutory data collection by Local Authorities data agreements may be implicit) between the Groupcall partner providing Xporter and the organisation that Xporter has been installed in. They specify the scope and purpose of data collection. An Xporter extraction will be designed to the specification of the Groupcall partner and will therefore comply with the data agreement.

 

 

How do I specify the user with which Xporter will access the MIS?

Installing_Xporter_4_MISCredentials

Initial Setup

If you have created the user as per the recommended settings prior to installing Xporter, then you will need to specify those credentials during the setup of Xporter (as shown).

 

Xporter Console - Change MIS User

Changes at a later date

If you originally setup Xporter using different settings, then once you have configure the user as per the recommended settings above, you will need to amend the reference in Xporter accordingly.

From the Xporter management Console;

  1. Select ‘Passwords’ on the left.
  2. Choose the MIS login option.
  3. Choose Modify Password on the right.
  4. Specify the user you created to meet recommended settings in the pop up window.

 

My Organisation Cannot Use the Recommended MIS Security Settings for Xporter

If the requirements of your organisation do not allow use of the recommended MIS security settings then there are a number of options available to you:

  • If the organisation does not allow one individual to hold the recommended MIS security settings then a dedicated account can be created for Xporter to use. This ensures that there is no sharing of MIS accounts and that the account is only used for defined Xporter extracts.
  • If the organisation does not allow MIS accounts that do not belong to individuals then Xporter can be configured to run using a SIMS account belonging to a specific person with the necessary security rights. In this configuration Xporter would automatically share the account with the individual it belonged to.
  • If the organisation requires human intervention for data extracts then the data extraction can be executed manually by setting and clearing the Xporter MIS password value. This means that extracts can only be run under immediate supervision of an individual with the appropriate rights to SIMS and would not be able to run automatically.
  • If the organisation requires the minimum necessary MIS security settings to be applied instead of the recommended MIS security settings then these can be identified and applied. This requires identification of the minimum necessary MIS security setting for each column in an extraction, including those used internally during generation, and then configuration of MIS security settings to support an aggregation of those minimum necessary MIS security settings.

Identifying the Minimum Necessary MIS Security Settings

For any given extract there may be a smaller subset of the recommended MIS security settings that would allow successful data extraction. This subset is called the Minimum Necessary MIS Security Settings and is likely to vary for each extract configured. Because Xporter uses a single account to connect to an MIS this means that it will be necessary to aggregate multiple sets of Minimum Necessary MIS Security Settings into a single set of permissions in order to run multiple extracts.

If an organisation requires the identification of the minimum necessary MIS security settings then Groupcall can supply details of the columns being extracted from MIS to calculate and output an extract. Your organisation can then apply their local knowledge to identify and assign specific security rights.

Please be aware that while Groupcall will support any customer using minimal security requirements, the following conditions apply to this:

If an issue is investigated and the cause is identified as use of security settings other than the Recommended MIS Security Settings then the support time in identifying and resolving that issue may be chargeable.

If an organisation wishes to engage Groupcall to identify the minimal security requirements for a specific report then this work may be chargeable.

Where can I go for further information?

Groupcall recommends that, in the first instance, you should contact the company that supplied Groupcall Xporter to you as they will know most about their software, the data extracted and how the data is transmitted and used.

Next Steps...

If you need any further assistance or get in to any difficulty, then please contact Groupcall Support. If the issue affects Groupcall Partner products you should refer to the support arrangements for that specific Groupcall Partner.

…And Finally

Have you followed Groupcall on Twitter and Facebook? Stay informed, get the latest news, updates and useful tips on all of our products!