With more than 1100 users on our account the administration of “Who is still active” or even more important “Who is still working for us” are an important security question.
Those who belong to our organisation are not a problem, but the big challenge and risk is those who is invited into our Projects as consultants, partners etc. with another e-mail address than our “account”.
A periodical functionality based on the below suggested settings being sent to the administrators of a Project requesting them to reconfirm that the external party still is a member of the project, would be welcomed.
Such a function should be implemented both for active and archived projects.
The system could be designed as a function for the account managers
1st level: Activate the security setting Yes/No
2nd level: Select active projects (different templates) and/or archived projects
3rd level: Select valid for > Members with account e-mail /external members (1 , 2 or both)
4th level: Periodically request the Project Admin. To confirm “Are external members still part of the project” (even if logged into the project) We have discovered that external both have invited in colleagues without our knowledge and approval and that staff who has left has been visiting our projects.
5th level: For own account members: If a person according to settings above has not logged into a project for a given period XX, a request is sent the Project administrators to verify that the person still is a member of the project
6th level: Allow external members to be members of an archived project? Yes/No