OFFICIAL

Crisisworks Single Sign-in

Owned by Jennifer Joseph
Last updated: May 18, 2018 by Scott Davey
5 min read

Contents


Overview

Over the coming months, we will be implementing a new way of signing into Crisisworks, which will make Crisisworks more secure, easier to access and easier to share data.

The change is known as Crisisworks ID, and it uses single sign-in technology to:

  • Allow a user to access multiple Crisisworks sites with a single Crisisworks ID
  • Provide a way for users to request access to new Crisisworks sites without creating additional user accounts
  • Simplify access and usage of the Vulnerable Persons Registers by VPR Coordinators, and
  • Allow administrators to more easily manage users in their system.

This project will begin to roll out in June 2018, and will be fully operational ahead of the summer fire season.


Improvements

The main goal of this project is to provide users with a single sign in point that allows access multiple Crisisworks installations as well as introduce enhanced security policies around Crisisworks user accounts. With this work comes a number of usability improvements, to be delivered in the coming months.

End-user improvements

  • New users will be able to create their own account by entering their contact details and requesting approval from the Crisisworks User Administrator.
  • Existing users will be able to request access to other Crisisworks sites. After the access request is accepted, they will be able to connect to the site.
  • Access to the Vulnerable Persons Registers system will be simplified allowing VPR coordinators who are also Agency Coordinators to perform both roles with a single account.
  • The single user ID will simplify user email preferences for upgrades, newsletters and outage notifications.

Administration improvements

  • A single user account can be granted different roles and levels of access across different Crisisworks sites.
  • An account validation and expiry process will be introduced to help administrators to disable inactive user accounts and keep the system secure. Users that have not logged in for a certain period of time will be emailed asking them to login to keep their account active, and their account made inactive if they do become active. 
  • Additional user management features will be added to Crisisworks to assist user administrators in managing expired account and access requests.


Key changes to user account policy

This project will roll out in a series of releases over the coming months and some sites may need a few, small steps by administrators as we progress the project. We will let administrators know when actions are required.

As a first step, Crisisworks 4.16 is scheduled in the coming weeks to tighten some user profile settings, making users compatible with the new authentication technology. As part of this update, we are reviewing existing Crisisworks user account in preparation for these changes so they comply with the new user account requirements. Non-compliant user accounts will need to be made compatible by Crisisworks administrators.

The key changes to user accounts are:

  • every user account must now have an email address, and
  • email addresses must be unique, and the same email address cannot be shared between user accounts on the same Crisisworks site

Additionally, we will be rolling out a new account security feature, that deactivates inactive accounts that have not been used for more than 24 months. 

In short, you need to ensure all active users have a unique email address.


How to make your user profiles compliant

We are asking site administrators to review their current user accounts to ensure all active users have a unique email address. Most Crisisworks sites are already compliant, and an email will be sent to administrators with non-compliant user profiles next week with further information about which accounts need to be updated.

For each of the required changes, please find below instructions for updating the accounts

Handling users accounts with no email address

Apply a unique email address to each user account that currently does not have an email address associated with it. Alternatively, if the user account is no longer required, deactivate the account.

Option 1: Add an email address to a user account

1.Log into Crisisworks as a User Administrator.

2.Navigate to the 'Users' area.


3.Select the User Account that needs to be updated and Edit the profile.

4.Add the Users email address and Save.

Option 2: Deactivate the user account

1.Follow steps 1-3 above (Add Email Address to a User Account).

2.Then untick the 'Active' checkbox field and Save.



Handling user accounts that share the same email

All User Accounts will need to have a unique email address within a Crisisworks installation. 

Datalink have identified and will send Site Administrators details of User Accounts who a sharing an email account and will need to be given a unique email address.

For those User Accounts that have been set up for training purposes or do not have a specific account to link to, we suggest that you contact your IT Department and request that that set up email addresses for these accounts.

For those Users who have two or more accounts that share email accounts, we suggest that one account be nominated as the primary account and the other account(s) made inactive. You can apply the competencies of the deactivate account to the primary one.


Preventing deactivation of important, inactive user accounts

Users who have not logged into Crisisworks for more than 2 years will be deactivated. These are not deleted, so don't worry, you can always reactivate the accounts later if needed. Datalink have identified and will send site administrators details of these users. 

To avoid the deactivation of these accounts, these users must log into Crisisworks.

If an account becomes deactivated, the user administrator for the site can reactivate the user account by following these steps.  

When deactivating an account, please ensure that the user logs into Crisisworks, or their account may become deactivated again.

Option 1: Have the user log into the inactive account

If the users of the inactive accounts log into their account ahead of the rollout of Crisisworks 4.15, their account will become active and no further action is required.

Option 2: Reactivate a user account after it has been deactivated

If the user's account has become inactive, it can be reactivated by following these steps: 

  1. Fine the account in the users list
  2. Edit the account
  3. Confirm that the email address is set
  4. Then tick the 'Active' checkbox field and Save.

 

Obtaining support

Datalink is here to help. If you need support or are concerned in any way, please contact our service desk.