US20090313070A1 - Managing access to job-specific information, applications, and physical locations - Google Patents

Managing access to job-specific information, applications, and physical locations Download PDF

Info

Publication number
US20090313070A1
US20090313070A1 US12/544,312 US54431209A US2009313070A1 US 20090313070 A1 US20090313070 A1 US 20090313070A1 US 54431209 A US54431209 A US 54431209A US 2009313070 A1 US2009313070 A1 US 2009313070A1
Authority
US
United States
Prior art keywords
employee
job
record
access
transmitting
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/544,312
Inventor
Judy J. Kogut-O'Connell
Donna M. Platt
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Priority to US12/544,312 priority Critical patent/US20090313070A1/en
Publication of US20090313070A1 publication Critical patent/US20090313070A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/105Human resources
    • G06Q10/1053Employment or hiring

Definitions

  • This invention relates generally to access management and control systems, and more particularly, the present invention relates to managing access to job-specific information, applications, and physical locations.
  • security badges may be issued for controlling access to specified facilities, parking lots, entranceways, offices, etc.
  • Employee password accounts limit access to computers and applications based upon position and job-specific criteria. Confidential records, whether stored on a computer disk or in a file cabinet folder are secured through these password designations and/or by locks on office doors.
  • password access tools may be inefficient for businesses that experience significant (or even average) turnover in personnel.
  • new employees are hired to replace retired, transferred, terminated employees, or simply to fill new positions of a growing business, a system must be able to handle these changes or the security of the business may be jeopardized.
  • the problem is compounded when considering the ripple effect caused by changes in personnel.
  • Human resources, IT, physical security, management, etc. are some of the departments affected by these changes. For example, an employee directory must be continuously modified to reflect personnel changes, a human resources department must modify and update employee files, and a system administrator must do likewise for computer accounts.
  • An exemplary embodiment of the invention relates to a method and storage medium for managing access to job-specific information, applications, and physical locations.
  • the method includes creating an employee record for a new employee.
  • the employee record includes an employee ID, employee personal data, a job code, and administrative data.
  • the method also includes transmitting a portion of the personal data to an employee directory database, and transmitting a notification to one or both of a manager and a system administrator.
  • the method further includes enabling access to job-specific software applications, and establishing a password account for the employee.
  • FIG. 1 is a block diagram of computer network system in which the access management tool is implemented in a preferred embodiment of the invention
  • FIG. 2 is a computer screen window illustrating a sample employee record created by the access management tool
  • FIG. 3 is a computer screen window illustrating a sample job code record
  • FIG. 4 is a flowchart describing the process of implementing the access management tool in an exemplary embodiment of the invention.
  • system 100 may be part of a wide area network in which different geographical locations are interconnected, either by high-speed data lines or by radio links, interconnecting hundreds of workstations at widely disparate locations.
  • system 100 represents a business enterprise comprising a server 102 , client systems 104 - 112 and databases 120 - 124 each in communication via a network 130 .
  • Network 130 may comprise a LAN, a WAN, or other network configuration known in the art. Further, network 130 may include wireless connections, radio-based communications, telephony-based communications, and other network-based communications. For purposes of illustration, however, network 130 is a LAN.
  • system 100 is running Lotus Domino (TM) as its server software.
  • Server 102 executes the access management tool, among other applications utilized by system 100 .
  • Server 102 is also running a groupware application such as Lotus Notes (TM) which supports replication capabilities and provides e-mail services.
  • TM Lotus Notes
  • Groupware applications are well known to those skilled in the art and include email, messaging, calendaring, and a host of multi-media tools.
  • client systems of server 102 employ suitable client-side applications for facilitating the groupware tools utilized by server 102 such as web browser programs and email software.
  • Server 102 also executes application software used by the access management tool including database management software such as IBM's DB2 (TM).
  • Server 102 provides access and other related services to employees of system 100 such password administration, human resources administration, physical security assistance as well as other services. Server 102 also retrieves data stored therein for use by authorized client systems of system 100 .
  • a data storage device 118 resides within network 130 and may comprise any form of mass storage configured to read and write database type data maintained in a file store (e.g., a magnetic disk data storage device). Data storage device 118 is logically addressable across a distributed environment such as a system 100 . The implementation of local and wide-area database management systems to achieve the functionality of data storage device 118 will be readily understood by those skilled in the art. Information stored in data storage device 118 is retrieved and manipulated via server 102 .
  • Server 102 may be connected to an external network (e.g., Internet) in order to facilitate communications with outside entities and may extend the services provided by the access management tool to its remote offices, subsidiaries, etc.
  • an external network e.g., Internet
  • Client systems 104 - 112 represent computer processing devices such as a general-purpose desktop computer or similar device. Client systems 104 - 112 are in communication with server 102 via network 130 .
  • Client system 104 is operated by a lower level employee of system 100 . Users of client system 104 are typically granted limited access to system resources such as word processing applications, e-mail, and job-specific software necessary in order for users to perform their jobs.
  • system resources such as word processing applications, e-mail, and job-specific software necessary in order for users to perform their jobs.
  • Client system 106 is operated by a supervisor or manager of the employee operating client system 104 . Users of client system 106 are typically granted extended access to system resources beyond that which are granted to users of client system 104 . Users of client system 106 may be given access to employee records for personnel under their charge in order to perform access management and/or auditing via the access management tool as will be described further herein.
  • Client system 108 is operated by a human resources representative charged with the administration of employee records.
  • users of client system 108 have superior access to employee records in order to facilitate processing of new hires, transfers, terminations, etc.
  • Human resources personnel of system 100 may also employ commercial applications to facilitate implementation of the access management tool such as IBM's HRAccess®.
  • Client system 110 is operated by a system administrator of system 100 who is charged with maintaining network 130 and its applications.
  • the system administrator performs various other functions such as creating and maintaining password accounts for employees of system 100 .
  • System 100 further includes client system 112 which may be operated by a security manager of system 100 .
  • a security manager is charged with the physical security of the building(s) of system 100 in terms of monitoring entranceways, external grounds, parking lots, as well as the internal office spaces. For organizations that issue badges for controlling physical access, the security manager or department would have access to information necessary to implement the security plan set in place by the business.
  • any number of client systems may be used by system 100 in order to realize the advantages of the invention.
  • the access levels granted as described above with respect to client systems' 104 - 112 access to network information may include ‘read only’ access restrictions if desired by the business enterprise.
  • Databases include an employee record database 120 , a job code database 122 , and a directory database 124 .
  • Employee record database 120 stores a variety of information pertaining to each employee of system 100 .
  • a sample employee record 200 is displayed in FIG. 2 for illustrative purposes.
  • Employee record 200 contains the employee's name, address, phone number, business e-mail address, and other personal data (not shown) such as social security number and birth date 202 .
  • Employee record 200 also includes an identification number in ID field 204 which uniquely identifies the employee.
  • Record 200 further includes an employee job code field 206 which has been established for the position for which the employee has been hired. Job codes are further described in FIG. 3 .
  • a job location field 208 is provided and may be optionally utilized in addition to job code field 206 for further specifying an employee's position. For example, in large organizations with multiple facilities, Job codes may be further specified according to geographic location.
  • Record 200 preferably includes information fields for further defining an employee's status within system 100 .
  • Information fields include date of hire 210 , transfer field 212 , promotion field 214 , and termination field 216 . These can be used for auditing purposes as well as general administrative purposes as will be described further in FIG. 4 .
  • Information stored in record 200 is accessible to authorized client systems of system 100 as described herein.
  • Job code database 122 stores information relating to the various job positions available with respect to system 100 .
  • job titles such as administrative clerk, mail clerk, lab technician, department manager, etc. would each have a designated job code.
  • a job code may comprise any alphanumeric character string adopted by system 100 .
  • a sample job code record is illustrated in FIG. 3 for illustrative purposes.
  • a user with permissions accesses job code record 300 via the access management tool by entering a job code A 19 (and optionally a job location) where indicated by the tool and the job code record 300 is presented.
  • a description of the job is provided in record 300 as well.
  • Job code record 300 Other information that may be provided in job code record 300 include a training link 302 , a link to a listing of applications available for this job code 304 , physical access permissions 306 , and any other information desired by system 100 .
  • a user selects ‘training’ and is directed to a library of course materials, references, relevant job-specific manuals, etc. designed for the designated job code.
  • Database 124 contains a listing of all of the employees of system 100 and related contact information such as email addresses.
  • server 102 may be programmed to systematically conduct scheduled replications, whereby database replicas are temporarily stored in a queue awaiting replication (not shown). Replications may be scheduled by system 100 as frequently as desired in order to provide access to the most current, up-to-date information.
  • FIG. 4 illustrates the process for creating a new employee record utilized by the access management tool in a preferred embodiment of the invention.
  • a newly-hired employee may be required to show a badge before an orientation session and/or before being permitted access to the employer's facilities.
  • the process begins at step 400 whereby the employee is issued a badge.
  • Badge security systems typically include a photograph of the employee and an identification number uniquely assigned to that employee. Other information may be included on the badge as well.
  • the employee is then permitted physical access to a location for further processing. If a badge security system or similar type of security system is not in place, the process described in FIG. 4 would alternatively begin at step 402 as described herein.
  • a human resources representative, or other authorized person charged with the administration of newly hired employees logs on to the access management tool at step 402 .
  • a menu of options is presented at step 404 . Such options may include creating a new record, editing an existing record, viewing one or more records, and establishing an audit schedule.
  • the user selects ‘create new record’ at step 406 and either enters an ID 204 for the employee or an ID 204 is automatically created by the tool at step 408 .
  • the ID provided on the badge may be used for this step.
  • the user then enters the personal information 202 at step 410 .
  • a job code 206 (and optionally a job location 208 ) is entered at step 412 .
  • Other information may be provided by the user while creating the record as desired.
  • the user saves the record at step 414 . Saving the record causes a copy of the information to be stored in employee record database 120 at step 416 .
  • the company directory database 124 may be automatically updated to include selected information on the record at step 418 .
  • automatic notifications are sent to the manager assigned to the job code, the IT representative, and physical security manager at steps 420 , 422 , and 424 , respectively. These notifications may be by e-mail or other communication means.
  • a manager receives the notification, he/she is instructed by the tool to ‘enable’ the applications necessary for the employee of that job code at step 426 and any additional applications that may be necessary.
  • the IT representative is instructed by the tool to establish a password account for the employee at step 428 .
  • the physical security manager is instructed by the tool to authorize physical access in order for the employee to gain access to offices, laboratories, libraries, conference rooms, etc. at step 430 .
  • the human resources representative may also create an audit schedule for the record. This can be accomplished by flagging any or all of fields 212 - 216 to send an alert to selected recipients upon modification of these fields. For example, suppose the employee listed in record 200 is promoted to Lab Tech, Level 2 within the same department. The modification to field 214 causes an alert to be transmitted to the manager for the new job code assigned (which in this case, is the same manager), IT department, physical security manager, and any entities designated by the tool to receive this information. Any instructions for updating this new information would follow as described above. Reminder notices may be sent to these entities if desired where there has been a failure to act in accordance with the instructions provided. Automatic auditing procedures may also be established. For example, a human resources representative can flag a job code for auditing activities to be conducted twice a year in order to verify continuing access requirements and the employment status of employees in that job code. Other criteria for selecting an audit can be determined as desired such as by department, facility, etc.
  • the present invention can be embodied in the form of computer-implemented processes and apparatuses for practicing those processes.
  • the present invention can also be embodied in the form of computer program code containing instructions embodied in tangible media, such as floppy diskettes, CD-ROMs, hard drives, or any other computer-readable storage medium, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes an apparatus for practicing the invention.
  • the present invention can also be embodied in the form of computer program code, for example, whether stored in a storage medium, loaded into and/or executed by a computer, or transmitted over some transmission medium, such as over electrical wiring or cabling, through fiber optics, or via electromagnetic radiation, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes an apparatus for practicing the invention.
  • computer program code segments configure the microprocessor to create specific logic circuits.

Abstract

A method and storage medium for managing access to job-specific information, applications, and physical locations are provided. The method includes creating an employee record for a new employee. The employee record includes an employee ID, employee personal data, a job code, and administrative data. The method also includes transmitting a portion of the personal data to an employee directory database, and transmitting a notification to one or both of a manager and a system administrator. The method further includes enabling access to job-specific software applications, and establishing a password account for the employee.

Description

    CROSS-REFERENCE TO RELATED APPLICATIONS
  • This application is a divisional of U.S. patent application Ser. No. 10/160,389, filed May 31, 2002, the disclosure of which is incorporated by reference herein in its entirety.
    • BACKGROUND
  • This invention relates generally to access management and control systems, and more particularly, the present invention relates to managing access to job-specific information, applications, and physical locations.
  • Virtually every business in operation today utilizes some form of security system to protect the integrity of its buildings and structures, as well as its proprietary and confidential data. For many businesses, security is considered to the single most important objective. Safeguarding these assets, however, can be an enormous task, particularly for large entities.
  • Various tools have been developed to address these concerns. For example, security badges may be issued for controlling access to specified facilities, parking lots, entranceways, offices, etc. Employee password accounts limit access to computers and applications based upon position and job-specific criteria. Confidential records, whether stored on a computer disk or in a file cabinet folder are secured through these password designations and/or by locks on office doors.
  • While many of these tools may be suitable for a specific purpose, they alone cannot address the varying and complex security needs of many larger businesses today. For example, password access tools may be inefficient for businesses that experience significant (or even average) turnover in personnel. As new employees are hired to replace retired, transferred, terminated employees, or simply to fill new positions of a growing business, a system must be able to handle these changes or the security of the business may be jeopardized. The problem is compounded when considering the ripple effect caused by changes in personnel. Human resources, IT, physical security, management, etc., are some of the departments affected by these changes. For example, an employee directory must be continuously modified to reflect personnel changes, a human resources department must modify and update employee files, and a system administrator must do likewise for computer accounts. Further, physical security must be addressed in accordance with the business' procedures which may include changing locks, issuing/retrieving employee badges, keycards, etc. The same or similar processes would take place for employee transfers, promotions, or similar change in personnel. Modification of management and supervisory assignments must also be updated to reflect changes in employment status.
  • Currently, these procedures and authorizations are done individually with separate forms stored on different systems which are transmitted from location to location for approval and administrative processing. The affected employees may be required to track the progress of the forms. It is not uncommon to find an ex-employee's name on the company directory months after termination. For the same reasons set forth above, it is no surprise that auditing these disjunct processes can also be problematic for the business.
  • It is, therefore, desirable to provide a means for managing access and control to job-specific information, applications, and physical locations associated with a business enterprise.
    • BRIEF SUMMARY
  • An exemplary embodiment of the invention relates to a method and storage medium for managing access to job-specific information, applications, and physical locations. The method includes creating an employee record for a new employee. The employee record includes an employee ID, employee personal data, a job code, and administrative data. The method also includes transmitting a portion of the personal data to an employee directory database, and transmitting a notification to one or both of a manager and a system administrator. The method further includes enabling access to job-specific software applications, and establishing a password account for the employee.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • Referring now to the drawings wherein like elements are numbered alike in the several FIGURES:
  • FIG. 1 is a block diagram of computer network system in which the access management tool is implemented in a preferred embodiment of the invention;
  • FIG. 2 is a computer screen window illustrating a sample employee record created by the access management tool;
  • FIG. 3 is a computer screen window illustrating a sample job code record; and
  • FIG. 4 is a flowchart describing the process of implementing the access management tool in an exemplary embodiment of the invention.
    •  DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
  • In an exemplary embodiment, the access management tool is implemented via a networked system such as that depicted in FIG. 1. Although not necessary to realize the advantages of the present invention, system 100 may be part of a wide area network in which different geographical locations are interconnected, either by high-speed data lines or by radio links, interconnecting hundreds of workstations at widely disparate locations. In the simplified diagram of FIG. 1, system 100 represents a business enterprise comprising a server 102, client systems 104-112 and databases 120-124 each in communication via a network 130. Network 130 may comprise a LAN, a WAN, or other network configuration known in the art. Further, network 130 may include wireless connections, radio-based communications, telephony-based communications, and other network-based communications. For purposes of illustration, however, network 130 is a LAN.
  • For purposes of illustration, system 100 is running Lotus Domino (TM) as its server software. Server 102 executes the access management tool, among other applications utilized by system 100. Server 102 is also running a groupware application such as Lotus Notes (TM) which supports replication capabilities and provides e-mail services.
  • Groupware applications are well known to those skilled in the art and include email, messaging, calendaring, and a host of multi-media tools. Likewise, client systems of server 102 employ suitable client-side applications for facilitating the groupware tools utilized by server 102 such as web browser programs and email software. Server 102 also executes application software used by the access management tool including database management software such as IBM's DB2 (TM).
  • Server 102 provides access and other related services to employees of system 100 such password administration, human resources administration, physical security assistance as well as other services. Server 102 also retrieves data stored therein for use by authorized client systems of system 100. A data storage device 118 resides within network 130 and may comprise any form of mass storage configured to read and write database type data maintained in a file store (e.g., a magnetic disk data storage device). Data storage device 118 is logically addressable across a distributed environment such as a system 100. The implementation of local and wide-area database management systems to achieve the functionality of data storage device 118 will be readily understood by those skilled in the art. Information stored in data storage device 118 is retrieved and manipulated via server 102.
  • Server 102 may be connected to an external network (e.g., Internet) in order to facilitate communications with outside entities and may extend the services provided by the access management tool to its remote offices, subsidiaries, etc.
  • Client systems 104-112 represent computer processing devices such as a general-purpose desktop computer or similar device. Client systems 104-112 are in communication with server 102 via network 130.
  • Client system 104 is operated by a lower level employee of system 100. Users of client system 104 are typically granted limited access to system resources such as word processing applications, e-mail, and job-specific software necessary in order for users to perform their jobs.
  • Client system 106 is operated by a supervisor or manager of the employee operating client system 104. Users of client system 106 are typically granted extended access to system resources beyond that which are granted to users of client system 104. Users of client system 106 may be given access to employee records for personnel under their charge in order to perform access management and/or auditing via the access management tool as will be described further herein.
  • Client system 108 is operated by a human resources representative charged with the administration of employee records. In a preferred embodiment, users of client system 108 have superior access to employee records in order to facilitate processing of new hires, transfers, terminations, etc. Human resources personnel of system 100 may also employ commercial applications to facilitate implementation of the access management tool such as IBM's HRAccess®.
  • Client system 110 is operated by a system administrator of system 100 who is charged with maintaining network 130 and its applications. The system administrator performs various other functions such as creating and maintaining password accounts for employees of system 100.
  • System 100 further includes client system 112 which may be operated by a security manager of system 100. A security manager is charged with the physical security of the building(s) of system 100 in terms of monitoring entranceways, external grounds, parking lots, as well as the internal office spaces. For organizations that issue badges for controlling physical access, the security manager or department would have access to information necessary to implement the security plan set in place by the business.
  • It will be understood that any number of client systems may be used by system 100 in order to realize the advantages of the invention. Further, the access levels granted as described above with respect to client systems' 104-112 access to network information may include ‘read only’ access restrictions if desired by the business enterprise.
  • Server 102 utilizes databases 120-124 provided by system 100 and executes the access management tool of the invention. Databases include an employee record database 120, a job code database 122, and a directory database 124.
  • Employee record database 120 stores a variety of information pertaining to each employee of system 100. A sample employee record 200 is displayed in FIG. 2 for illustrative purposes. Employee record 200 contains the employee's name, address, phone number, business e-mail address, and other personal data (not shown) such as social security number and birth date 202. Employee record 200 also includes an identification number in ID field 204 which uniquely identifies the employee. Record 200 further includes an employee job code field 206 which has been established for the position for which the employee has been hired. Job codes are further described in FIG. 3. A job location field 208 is provided and may be optionally utilized in addition to job code field 206 for further specifying an employee's position. For example, in large organizations with multiple facilities, Job codes may be further specified according to geographic location.
  • Record 200 preferably includes information fields for further defining an employee's status within system 100. Information fields include date of hire 210, transfer field 212, promotion field 214, and termination field 216. These can be used for auditing purposes as well as general administrative purposes as will be described further in FIG. 4.
  • Information stored in record 200, as well as employee records database 120, is accessible to authorized client systems of system 100 as described herein.
  • Job code database 122 stores information relating to the various job positions available with respect to system 100. For example, job titles such as administrative clerk, mail clerk, lab technician, department manager, etc. would each have a designated job code. A job code may comprise any alphanumeric character string adopted by system 100. A sample job code record is illustrated in FIG. 3 for illustrative purposes. A user with permissions accesses job code record 300 via the access management tool by entering a job code A19 (and optionally a job location) where indicated by the tool and the job code record 300 is presented. A description of the job is provided in record 300 as well. Other information that may be provided in job code record 300 include a training link 302, a link to a listing of applications available for this job code 304, physical access permissions 306, and any other information desired by system 100. For example, a user selects ‘training’ and is directed to a library of course materials, references, relevant job-specific manuals, etc. designed for the designated job code.
  • Database 124 contains a listing of all of the employees of system 100 and related contact information such as email addresses.
  • Whenever changes affecting access occur, relevant information can be provided via the access management tool, and replicated at scheduled time intervals. Additionally, server 102 may be programmed to systematically conduct scheduled replications, whereby database replicas are temporarily stored in a queue awaiting replication (not shown). Replications may be scheduled by system 100 as frequently as desired in order to provide access to the most current, up-to-date information.
  • FIG. 4 illustrates the process for creating a new employee record utilized by the access management tool in a preferred embodiment of the invention. A newly-hired employee may be required to show a badge before an orientation session and/or before being permitted access to the employer's facilities. In this situation, the process begins at step 400 whereby the employee is issued a badge. Badge security systems typically include a photograph of the employee and an identification number uniquely assigned to that employee. Other information may be included on the badge as well. The employee is then permitted physical access to a location for further processing. If a badge security system or similar type of security system is not in place, the process described in FIG. 4 would alternatively begin at step 402 as described herein.
  • A human resources representative, or other authorized person charged with the administration of newly hired employees (also referred to as ‘user’) logs on to the access management tool at step 402. A menu of options is presented at step 404. Such options may include creating a new record, editing an existing record, viewing one or more records, and establishing an audit schedule.
  • The user selects ‘create new record’ at step 406 and either enters an ID 204 for the employee or an ID 204 is automatically created by the tool at step 408. For employers utilizing a badge security system, the ID provided on the badge may be used for this step. The user then enters the personal information 202 at step 410. A job code 206 (and optionally a job location 208) is entered at step 412. Other information may be provided by the user while creating the record as desired. Once the information has been entered, the user saves the record at step 414. Saving the record causes a copy of the information to be stored in employee record database 120 at step 416. Further, the company directory database 124 may be automatically updated to include selected information on the record at step 418. Finally, automatic notifications are sent to the manager assigned to the job code, the IT representative, and physical security manager at steps 420, 422, and 424, respectively. These notifications may be by e-mail or other communication means.
  • Once a manager receives the notification, he/she is instructed by the tool to ‘enable’ the applications necessary for the employee of that job code at step 426 and any additional applications that may be necessary. The IT representative is instructed by the tool to establish a password account for the employee at step 428. The physical security manager is instructed by the tool to authorize physical access in order for the employee to gain access to offices, laboratories, libraries, conference rooms, etc. at step 430.
  • During the establishment of the new record, the human resources representative may also create an audit schedule for the record. This can be accomplished by flagging any or all of fields 212-216 to send an alert to selected recipients upon modification of these fields. For example, suppose the employee listed in record 200 is promoted to Lab Tech, Level 2 within the same department. The modification to field 214 causes an alert to be transmitted to the manager for the new job code assigned (which in this case, is the same manager), IT department, physical security manager, and any entities designated by the tool to receive this information. Any instructions for updating this new information would follow as described above. Reminder notices may be sent to these entities if desired where there has been a failure to act in accordance with the instructions provided. Automatic auditing procedures may also be established. For example, a human resources representative can flag a job code for auditing activities to be conducted twice a year in order to verify continuing access requirements and the employment status of employees in that job code. Other criteria for selecting an audit can be determined as desired such as by department, facility, etc.
  • As described above, the present invention can be embodied in the form of computer-implemented processes and apparatuses for practicing those processes. The present invention can also be embodied in the form of computer program code containing instructions embodied in tangible media, such as floppy diskettes, CD-ROMs, hard drives, or any other computer-readable storage medium, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes an apparatus for practicing the invention. The present invention can also be embodied in the form of computer program code, for example, whether stored in a storage medium, loaded into and/or executed by a computer, or transmitted over some transmission medium, such as over electrical wiring or cabling, through fiber optics, or via electromagnetic radiation, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes an apparatus for practicing the invention. When implemented on a general-purpose microprocessor, the computer program code segments configure the microprocessor to create specific logic circuits.
  • While preferred embodiments have been shown and described, various modifications and substitutions may be made thereto without departing from the spirit and scope of the invention. Accordingly, it is to be understood that the present invention has been described by way of illustration and not limitation.

Claims (6)

1. A method for managing access to job-specific information, applications, and physical locations, comprising:
creating an employee record for a new employee, said employee record including an employee ID, employee personal data, a job code, and administrative data;
transmitting a portion of said personal data to an employee directory database;
transmitting a notification to at least one of:
a manager; and
a system administrator;
enabling access to job-specific software applications; and
establishing a password account for said employee.
2. The method of claim 1, further comprising:
issuing a security badge to said new employee;
transmitting a notification to a physical security manager; and
authorizing physical access to specified locations.
3. The method of claim 2, further comprising:
editing said employee record to reflect changes in employee status; said changes including at least one of:
promotion;
transfer;
re-assignment; and
termination; and
transmitting notification of changes to said employee directory database and to at least one of:
said manager;
said system administrator; and
said physical security manager.
4. A storage medium encoded with machine-readable computer program code for managing access to job-specific information, applications, and physical locations over a network system, the storage medium including instructions for causing said network system to implement a method comprising:
creating an employee record for a new employee, said employee record including an employee ID, employee personal data, a job code, and administrative data;
transmitting a portion of said personal data to an employee directory database;
transmitting a notification to at least one of:
a manager; and
a system administrator;
enabling access to job-specific software applications; and
establishing a password account for said employee.
5. The storage medium of claim 4, further comprising instructions for causing said network system to implement:
issuing a security badge to said new employee;
transmitting a notification to a physical security manager; and
authorizing physical access to specified locations.
6. The storage medium of claim 5, further comprising instructions for causing said network system to implement:
editing said employee record to reflect changes in employee status; said changes including at least one of:
promotion;
transfer;
re-assignment; and
termination; and
transmitting notification of changes to said employee directory database and to at least one of:
said manager;
said system administrator; and
said physical security manager.
US12/544,312 2002-05-31 2009-08-20 Managing access to job-specific information, applications, and physical locations Abandoned US20090313070A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/544,312 US20090313070A1 (en) 2002-05-31 2009-08-20 Managing access to job-specific information, applications, and physical locations

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/160,389 US7797397B2 (en) 2002-05-31 2002-05-31 Method, system, and storage medium for managing access to job-specific information, applications, and physical locations
US12/544,312 US20090313070A1 (en) 2002-05-31 2009-08-20 Managing access to job-specific information, applications, and physical locations

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US10/160,389 Division US7797397B2 (en) 2002-05-31 2002-05-31 Method, system, and storage medium for managing access to job-specific information, applications, and physical locations

Publications (1)

Publication Number Publication Date
US20090313070A1 true US20090313070A1 (en) 2009-12-17

Family

ID=29731913

Family Applications (2)

Application Number Title Priority Date Filing Date
US10/160,389 Expired - Fee Related US7797397B2 (en) 2002-05-31 2002-05-31 Method, system, and storage medium for managing access to job-specific information, applications, and physical locations
US12/544,312 Abandoned US20090313070A1 (en) 2002-05-31 2009-08-20 Managing access to job-specific information, applications, and physical locations

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US10/160,389 Expired - Fee Related US7797397B2 (en) 2002-05-31 2002-05-31 Method, system, and storage medium for managing access to job-specific information, applications, and physical locations

Country Status (1)

Country Link
US (2) US7797397B2 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103593754A (en) * 2013-08-06 2014-02-19 北京世纪喜鹊信息科技有限公司 Office automation platform based on network
US20150120591A1 (en) * 2013-10-31 2015-04-30 Avaya Inc. Unified control of employee access to employer communications systems during periods of employee furlough
JP2017220254A (en) * 2017-08-18 2017-12-14 高崎 将紘 Labor property information management device, method, and computer program
US10305869B2 (en) * 2016-01-20 2019-05-28 Medicom Technologies, Inc. Methods and systems for transferring secure data and facilitating new client acquisitions
JP2019153352A (en) * 2019-06-11 2019-09-12 高崎 将紘 Labor property information management device, method, and computer program
US20200387268A1 (en) * 2019-06-06 2020-12-10 United States Postal Service Dynamically customized application selection and recommendation systems

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1467668A (en) * 2002-06-05 2004-01-14 株式会社日立制作所 Total service support system for employees and method therefor

Citations (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4323771A (en) * 1979-09-10 1982-04-06 Chalker Jr Oliver H Automated time and attendance system
US5523942A (en) * 1994-03-31 1996-06-04 New England Mutual Life Insurance Company Design grid for inputting insurance and investment product information in a computer system
USRE35336E (en) * 1978-02-01 1996-09-24 Casi-Rusco, Inc. Self-contained programmable terminal for security systems
US5829003A (en) * 1995-05-23 1998-10-27 Casio Computer Co., Ltd. Record processing apparatus, method and computer readable storage having attribute information representing a hierarchical connection for display of data
US5873095A (en) * 1996-08-12 1999-02-16 Electronic Data Systems Corporation System and method for maintaining current status of employees in a work force
US5898871A (en) * 1994-12-07 1999-04-27 Next Software, Inc. Dynamic object communication protocol
US5913198A (en) * 1997-09-09 1999-06-15 Sbp Services, Inc. System and method for designing and administering survivor benefit plans
US5987611A (en) * 1996-12-31 1999-11-16 Zone Labs, Inc. System and methodology for managing internet access on a per application basis for client computers connected to the internet
US6049776A (en) * 1997-09-06 2000-04-11 Unisys Corporation Human resource management system for staffing projects
US6134561A (en) * 1997-12-29 2000-10-17 Pitney Bowes Inc. System for tracking the receipt and internal delivery of items such as packages
US6157808A (en) * 1996-07-17 2000-12-05 Gpu, Inc. Computerized employee certification and training system
US6235176B1 (en) * 1997-09-23 2001-05-22 Mb Schoen & Associates Computer apparatus and method for defined contribution and profit sharing pension and disability plan
US6347305B1 (en) * 1999-10-29 2002-02-12 E-Duction, Inc. Method for selecting and processing a payroll deduction plan as a payment option during electronic commerce
US20030023874A1 (en) * 2001-07-16 2003-01-30 Rudy Prokupets System for integrating security and access for facilities and information systems
US6738772B2 (en) * 1998-08-18 2004-05-18 Lenel Systems International, Inc. Access control system having automatic download and distribution of security information
US6742002B2 (en) * 2000-03-27 2004-05-25 Mps Ip Services Corp. Computer-implemented and/or computer-assisted web database and/or interaction system for staffing of personnel in various employment related fields
US6782425B1 (en) * 1999-11-24 2004-08-24 Unisys Corporation Session based security profile for internet access of an enterprise server
US6947942B1 (en) * 2002-05-30 2005-09-20 Taiwan Semiconductor Manufacturing Company, Ltd. Methods of managing user and computer objects in directory service
US7222241B2 (en) * 2002-02-25 2007-05-22 Info Data, Inc. Building security and access protection system
US20080163347A1 (en) * 2006-12-28 2008-07-03 Peggy Ann Ratcliff Method to maintain or remove access rights
US20090076969A1 (en) * 2007-09-19 2009-03-19 Collier Sparks System and method for deployment and financing of a security system

Patent Citations (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
USRE35336E (en) * 1978-02-01 1996-09-24 Casi-Rusco, Inc. Self-contained programmable terminal for security systems
US4323771A (en) * 1979-09-10 1982-04-06 Chalker Jr Oliver H Automated time and attendance system
US5523942A (en) * 1994-03-31 1996-06-04 New England Mutual Life Insurance Company Design grid for inputting insurance and investment product information in a computer system
US5898871A (en) * 1994-12-07 1999-04-27 Next Software, Inc. Dynamic object communication protocol
US5829003A (en) * 1995-05-23 1998-10-27 Casio Computer Co., Ltd. Record processing apparatus, method and computer readable storage having attribute information representing a hierarchical connection for display of data
US6157808A (en) * 1996-07-17 2000-12-05 Gpu, Inc. Computerized employee certification and training system
US5873095A (en) * 1996-08-12 1999-02-16 Electronic Data Systems Corporation System and method for maintaining current status of employees in a work force
US5987611A (en) * 1996-12-31 1999-11-16 Zone Labs, Inc. System and methodology for managing internet access on a per application basis for client computers connected to the internet
US6049776A (en) * 1997-09-06 2000-04-11 Unisys Corporation Human resource management system for staffing projects
US5913198A (en) * 1997-09-09 1999-06-15 Sbp Services, Inc. System and method for designing and administering survivor benefit plans
US6235176B1 (en) * 1997-09-23 2001-05-22 Mb Schoen & Associates Computer apparatus and method for defined contribution and profit sharing pension and disability plan
US6134561A (en) * 1997-12-29 2000-10-17 Pitney Bowes Inc. System for tracking the receipt and internal delivery of items such as packages
US6738772B2 (en) * 1998-08-18 2004-05-18 Lenel Systems International, Inc. Access control system having automatic download and distribution of security information
US6347305B1 (en) * 1999-10-29 2002-02-12 E-Duction, Inc. Method for selecting and processing a payroll deduction plan as a payment option during electronic commerce
US6782425B1 (en) * 1999-11-24 2004-08-24 Unisys Corporation Session based security profile for internet access of an enterprise server
US6742002B2 (en) * 2000-03-27 2004-05-25 Mps Ip Services Corp. Computer-implemented and/or computer-assisted web database and/or interaction system for staffing of personnel in various employment related fields
US20030023874A1 (en) * 2001-07-16 2003-01-30 Rudy Prokupets System for integrating security and access for facilities and information systems
US7222241B2 (en) * 2002-02-25 2007-05-22 Info Data, Inc. Building security and access protection system
US6947942B1 (en) * 2002-05-30 2005-09-20 Taiwan Semiconductor Manufacturing Company, Ltd. Methods of managing user and computer objects in directory service
US20080163347A1 (en) * 2006-12-28 2008-07-03 Peggy Ann Ratcliff Method to maintain or remove access rights
US20090076969A1 (en) * 2007-09-19 2009-03-19 Collier Sparks System and method for deployment and financing of a security system

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103593754A (en) * 2013-08-06 2014-02-19 北京世纪喜鹊信息科技有限公司 Office automation platform based on network
US20150120591A1 (en) * 2013-10-31 2015-04-30 Avaya Inc. Unified control of employee access to employer communications systems during periods of employee furlough
US10305869B2 (en) * 2016-01-20 2019-05-28 Medicom Technologies, Inc. Methods and systems for transferring secure data and facilitating new client acquisitions
JP2017220254A (en) * 2017-08-18 2017-12-14 高崎 将紘 Labor property information management device, method, and computer program
US20200387268A1 (en) * 2019-06-06 2020-12-10 United States Postal Service Dynamically customized application selection and recommendation systems
JP2019153352A (en) * 2019-06-11 2019-09-12 高崎 将紘 Labor property information management device, method, and computer program

Also Published As

Publication number Publication date
US20030233263A1 (en) 2003-12-18
US7797397B2 (en) 2010-09-14

Similar Documents

Publication Publication Date Title
US20090313070A1 (en) Managing access to job-specific information, applications, and physical locations
US7640165B2 (en) Web based methods and systems for managing compliance assurance information
US7072940B1 (en) System and method for managing communications and collaboration among team members
US6684212B1 (en) System and method for data sharing between members of diverse organizations
US6658427B2 (en) Method and system for providing multi-user electronic calendaring and scheduling functions for online instruction in an extended enterprise environment
US7155435B1 (en) Method for resolving issues within a team environment
US6006193A (en) Computer executable workflow control system
US6064977A (en) Web server with integrated scheduling and calendaring
US6434607B1 (en) Web server providing role-based multi-level security
US6671695B2 (en) Dynamic group generation and management
US8296200B2 (en) Collaborative financial close portal
JP4652418B2 (en) System and method for enterprise wide policy management
US20140372536A1 (en) System for supporting collaborative activity
US6721746B2 (en) Method and system for facilitating production changes in an extended enterprise environment
US20020082891A1 (en) Method and system for gathering and disseminating quality performance and audit activity data in an extended enterprise environment
JP5192821B2 (en) System and method for maintaining business continuity
US20030065519A1 (en) Method and system for generating legal agreements
US7644008B1 (en) Web-based system and method for user role assignment in an enterprise
US20070214491A1 (en) Interactive security control system and method with automated order submission and approval process
US20070239513A1 (en) System and method for employee recruitment, management and reporting
US20070162356A1 (en) Inventory mitigation collaboration and balancing system with organized and archivable communication means
KR100358876B1 (en) Method and system for verifying access to a network environment
US7822796B2 (en) Method and system for electronically qualifying supplier parts
JPH08137852A (en) Collaboratively written document management system
CN115239257A (en) Data processing method suitable for out-of-office staff

Legal Events

Date Code Title Description
STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION