So after going through three different options (LibreOffice Base/Microsoft Access, Google Fusion Tables, and developing my own local system) in creating our performance information system, I finally settled in using Google Fusion Tables.
Previously, I was afraid that the system would be riddled with information integrity and access restriction problems. For example, I was afraid that one unit can enter data for another unit, which should not be the case. To mitigate that problem, I created an internal key reference system. What it was supposed to do was to present to the oversight office his own reference key and the submitter's secret key. If the keys are the same, then the oversight office should consider the record valid and he or she can rate the output recorded. However, if the keys are different, he or she can check with the supposed unit why the keys are different before giving a rating.
Personally, I was not keen in that system being observed. The oversight offices are "very busy" people. They would not bother themselves with security procedures. So I thought that our unit would constantly monitor the keys by creating a merge of the key reference table and the output submission table (I know, the references might be difficult to understand. It's by design.).
However, just today, I learned a way to altogether remove the key reference system. Instead, the access would automatically identify the submitter as the user based on his or her Google login.
The process not only removed the threat of shared access rights to create records, but also removed two fields (columns) in the unit's view of the database.
It was brilliantly simple, and more secure.
Now time to go back to work.
No comments:
Post a Comment