We just had our Official Notes open to all students. Even removing the rights from users didn't immediately take them away. We had to block Blackbaud at our firewall to close the connection and force student permissions to refresh.
Please design an option in core for platform managers to immediately disable accounts for a specific role.
Jessica,
I just reviewed the knowledgebase article that you referenced and had a question about that solution. I have several parents who have a BBID that was created based on one email because the parents have to have separate emails to log in, but they have changed their contact card email for all notifications to go to often a family email that is shared with the spouse. If I disconnect them, disable and reconnect them per the instructions, is it going to make them create a new BBID with the email that is on their contact card? Will I now be creating a whole new issue to deal with?
Hi all, I wanted make you aware of the existing process for disabling and re-enabling accounts in bulk, which is freshly updated in this Knowledgebase article for future reference: https://kb.blackbaud.com/knowledgebase/articles/Article/91926
Related to revoking access, there are 2 account statuses with differences worth noting:
Disconnecting (from Blackbaud ID) a user with an active session will prevent them from extending their 90-minute session but does not boot them from the system until their authenticated session expires. However, users who are not currently logged in will be unable to sign in as soon as their BBID is Disconnected.
To revoke access of active users immediately, the accounts must be Disabled.
Customers impacted by the issue mentioned above have been contacted directly with further details. We are reviewing our internal process and are committed to continually learning and improving to prevent similar issues from occurring.
PLEASE design an option in core for platform managers to immediately disable accounts for a specific role!
Agreed! The issue with Official Notes being made public is egregious and a significant breach of confidential and sensitive information. I would like a full explanation about how this happened and how you are making sure it never happens again.
Agreed! Platform Managers should have the ability to block access in the event of an emergency...like an emergency banner, but it blocks access at the top level so that users cannot access any pages behind the login other than the emergency banner.