deviceportal's People
Forkers
lulzzzdeviceportal's Issues
As admin, I want inactive employees with no devices to be removed from the system
User data should be removed six months after end of their contract.
As faculty manager, I want to add additional information to devices
Add a remarks field per device that can be edited by institute and faculty managers. Store all changes as per #22.
As a user, I want to receive emails without visible safelinks
Send mails as HTML to avoid this
As institute manager, I want to get an overview of my users
Institute managers should be able to see a list of the users in their institute, with registered devices and security status, including a brief summary showing totals.
As user, I want to see my devices
Provide the user of an overview of all UvA-registered devices, as registered in the UvA's CMDB (for now my a monthly Excel import) and the security status (Intune activated yes or now).
As institute manager, I want to see a status overview per institute
In the institute tiles in https://secure.science.uva.nl/faculty, add more some info:
- Instead of just complete/incomplete, show four different statuses: Intune completed, portal check submitted, portal check authorized, none
- Add a progress bar for devices as well (with the same statuses)
As institute manager, I want to authorize users for the security check
The institute manager should be able to choose which users can use the device security check in the portal. By default no users are authorized for this, and they should be able to turn it on for selected users.
As admin, I want to impersonate users
So I can see what the application looks like when logged in as that user.
As admin, I want the cmdb import to match by serial number
To prevent double devices. If the serial number is already there from Intune, it should merge rather than course a new device.
As approver, I want to skip the confirmation message
Right now you get a modal confirmation whenever you approve a check. If you have lots of checks this can be a bit annoying; we we add an option to skip it or make it a non-modal banner?
As authorized user, I want to fill out the security check
For each registered non-Intune device, an authorized user should be able to fill out the security check form, consisting of the following requirements:
- The equipment must have encrypted storage;
- The local accounts should be accessible only with strong passwords;
- A mobile device (telephone, tablet) is provided with a strong access code (minimum 6
characters) other than the SIM card PIN code; - The OS and all applications are maintained by a supplier or community, and are up to date
including security updates; - Applicable anti malware and antivirus solutions are present, active and up to date;
- Local (application) firewall is active and alerts the user to unusual behaviour;
- Laptop or desktop should be automatically locked after a pre-set period of inactivity after a
maximum of 15 minutes and phones or tablets after 5 minutes; - Remote wipe, lock, or effective data protection measures to prevent loss of setting
information in the event of theft should be in place;
In general:
- Each requirement is a yes/no question, where in the case of no an explanation is required.
- Some requirements are specific to a certain device type.
- It should be possible for an admin to edit the requirements, but this doesn't need to be done via a UI (some kind config file is perfectly fine).
As approver, I want to be notified of new requests
Set up an email notification for approvers.
As institute manager, I want to customize my view
Allow users to add/remove columns from big tables, saving their personal preference. Also expand the table so it uses the entire screen.
As admin, I want to see if the current row matches the cmdb
Add a date 'checked against cmdb' to a device that is set when it matches the current cmdb entry?
Clear the field on changes by users in the cmdb-fields.
As security officer, I want the 'authorized' option to be restricted to admins
Slight change of plan: change 'authorized' so it can only be toggled by admins and not by department managers.
Duplicate Intune devices
For e.g. https://secure.science.uva.nl/users/hafsarm1 the Android device is in there multiple times because it has multiple Intune registrations (I think?). It should match by serial number here, it seems.
(Also these have an odd device type)
As institute manager, I want to assign users to groups
Add a group level below the institute that users can belong to. Institute managers can add/remove users from groups and filter views by group. Can we get these from SAP?
As user, I don't want to see devices that have been disposed of
Add a 'disposed' status and hide these from all views. When processing the CMDB export, mark CMDB-devices that don't occur on the list anymore as disposed, e.g. DTB161483.
As user, I want to see recommendations for how to satisfy the security criteria
Per question and OS there should be a brief recommendation on how this point can be satisfied, possibly with links to external resources. We will need an html/markdown field to store this.
As institute manager, I want to export a list of a devices so I can email users
Add an Excel export option for the institute manager device list, including the email address of the device user.
As approver, I want to see table headers in the requests page
As institute manager, I want to see device details
Show all available info from CMDB when you click a device.
As user, I want to see pretty building names
Add a mapping:
mapping.txt
As institute manager, I want to edit device fields
As institute manager, I want to see labnet data
The Fortinet gateway has some additional information on certain machines that is useful to have. Import this information periodically into the portal. Fields:
- The labnet number/name (if any) a device is in (labnets have an owner as well which we are probably going to want to register as well at a later stage)
- Show the security category based on IP address: <128, 128-191, >191
- Operating system (type + version): use Intune if available, then labnet, then CMDB
Devices can be matched to Intune and CMDB on MAC address.
As institute manager, I want to get an overview of my devices
This is essentially a different view of #4, showing a table with a row per device and different filtering options.
One relevant field that we will need here is whether the device (desktop/laptop) is managed or not. This is an enum with five categories:
- Managed standard ("UvA Standaard SCCM")
- Managed special ("UvA Spec. SCCM")
- Self support ("UvA Zelfsupp.")
- Other (everything else from the list)
- BYOD (created manually by user)
For tablets/phones there are only two categories, UvA or BYOD. They can be placed under 'Other'.
As user, I want to give my devices a name
Users should be able to add and edit names for their devices (separate from the device ID and serial number). For manually added devices this name is already there (and should be editable), for devices from the CMDB it should be an option.
As approver, I want to approve/reject filled out checks
For users with approver rights (as set up in #6), the portal should show an overview of open approval requests, allowing them to view the fields filled out and approve/reject the form.
As user, I want to verify the OS in the security check
When a user performs the security check, as a first question, show the current device OS and allow them to switch between macOS/Windows/Linux (the mobile OS can be read-only once entered). Also allow them update the version field.
(Where they change the OS, the instruction texts in the form should update to match.)
As institute manager, I want to configure the approval flow
The institute manager should be able to set up which users can approve security checks filled out by users. This can either be a fixed pool of users, or it can be based on the HR-structure: a user's manager can approve the security check.
As institute manager, I want to see up-to-date user status
Sync user state with DataNose so that
- New users are added so that devices can be assigned to them
- Users who have left the UvA get an inactive status
As authorized user, I want to be reminded of pending checks
Set up a process that sends an email one per week to all authorized users who have at least one device that still needs a check to be submitted.
As faculty manager, I want to see an overview of changes
Add a view where an admin can see all devices for which a change has been done with respect to the CMDB data.
As institute manager, I want to see all device details for a specific device
Add a dialog/page that you get when clicking a device, with all available fields.
As user, I want to add personal devices
Allow the user to add a new personal device, with basic info:
- Name
- Type (phone/tablet/laptop/desktop)
- OS
As institute manager, I want an overview of devices in all sub-institutes
I think we looked at this one before but I'm not sure if it is fully implemented. IoP has three subinstitutes (WZI, ITFA, HEF). The IoP view should also show devices/users under these institutes.
As approver, I want to see only requests from my institutes
Right now, all approvers see all requests. They should only see requests from the institutes they are linked to.
As user, I want to report errors in device data
If some info about a device is incorrect, there should be a way to indicate this, e.g.
- Device doesn't exist anymore
- Device doesn't belong to me
- Operating system has changed
Store these changes as a delta with respect to the CMDB data, so that they can be reported to ICTS and that in a new CMDB export we can see whether they have been processed.
As institute manager, I want to see which devices are in the CMDB
All devices that are not in the CMDB should have the BYOD category (maybe with an icon), including the ones imported from Intune (which I think we now classify as 'other').
As institute manager, I want to indicate which devices are shared
Add a checkbox per device (e.g. in the detail page from #35) that can be turned on to indicate that a device is shared (i.e, there are multiple users). Add an icon to the list for shared devices.
As admin, I want to see change history for a device
Add a button to show the full history. Also store and show the user who has made the changes.
As admin, I want a daily update of devices from the CMDB
Use a
SELECT * FROM [DWHPM].[dbo].[FNWI_portal]
on
MSSQL-PRD-AO1.FORET.NL\MSSQLNOAGPRD_1,1710
As security manager, I want security checks to expire after one year
Set up a process that sets devices with a submitted check to insecure again after one year (be careful: Intune devices are also secure and should not be reset).
As faculty manager, I want to see an overview of the entire faculty
Faculty managers should be able to see the information for institutes, in particular be able to easy to see things like:
- How many users have been authorized for the security check?
- How many users have completed it?
- How many devices have been added?
As admin, I want to see institutes for pending checks
In https://secure.science.uva.nl/requests, I want to see the institute so that I know which institutes still need to do their approving.
As user, I want to log in
Implement SURFconext login via Open ID Connect.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.